- Flexibility in forwarded traffic: In virtualized environments, users can choose to either de-encapsulate packets, forward it on encapsulated, or do both. This flexibility allows monitoring tools to see more, as needed. Additionally, tight integration with NETSCOUT InfiniStream ® probes allow the probes to use the information in the encapsulation headers to provide deeper visibility into the packet data, such as port and time stamp information.
- Traffic origination visibility: Through integration with the nGeniusONE Service Assurance platform, PFS mode on the packet flow switch allows monitoring tools to see from which links on the network a particular packet flow originates through customizable VLAN tagging. The packet flow switch can set custom VLAN Tag ID values, as traffic is forwarded to monitoring tools. This enables the tools to inspect traffic based on origin, which is critical in multi-tenant environments.
- Visibility into tunneled packet flows: With generic stripping (de-encapsulation) , nGenius Packet Flow Switches support network environments that utilize a variety of tunneling protocols (e.g. GRE, ERSPAN, GTP, MPLS) by giving monitoring tools the visibility into these packet flows. Packets can be de-encapsulated from tunnels and inspected, so monitoring tools can see things that were previously hidden within these protocols.
- Advanced inline aggregation: When aggregating traffic from multiple networks, VLAN tags are often utilized to identify the appropriate network source for returning inspected traffic. However, this creates issues for security systems that cannot process these tags. Additionally, in large-scale dynamic network environments with asymmetric routing, delivering packets back to the origination source is not possible. With nGenius Packet Flow Switches, discovery of the origination network by MAC address or Link Aggregation Group (LAG) alleviates the additional tagging requirement of other systems. So security systems can see all packet flows for inspection and analysis, and packets are returned to the source of origination on the network correctly.
- High frequency advanced health checks: nGenius Packet Flow Switches go beyond a simple interface (port up/down) or "heartbeat" ping to see if security systems are on. With
- Hybrid port support: Both passive (copies of traffic) and active (production) traffic can be sent to the same monitoring tool port, allowing security systems with a hybrid capability to receive the traffic on the same port. Systems that provide both active and passive capabilities, such as intrusion prevention (IPS) and intrusion detection (IDS), are gaining ground. The hybrid mode on nGenius Packet Flow Switches leads to better port utilization and efficient use of security systems, as now customers do not have to choose which mode to run the system in or run two systems (one active and one passive) in parallel.
- Scalable security systems: With the large amount of traffic that needs to be inspected from high-speed links (e.g. 40G) or aggregated from multiple links, the processing capability of each security system needs to be considered to prevent overload and potential failure on any one system. nGenius Packet Flow Switches support high capacity (up to 32 instances) session-aware load balancing, providing security visibility and reducing risk by preventing over-subscription and potential failure on any one system.
©2016 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, InfiniStream, InfiniStreamNG, nGenius and nGeniusONE are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.