X2 & X3-Series
Network Packet Brokers
Timestamping, Deduplication, Slicing, Tunneling, SSL/TLS Decryption, Data Masking Learn more
What is a Network Packet Broker?
A Network Packet Broker (NPB) is a device that optimizes traffic flow between TAP and SPAN connections and network monitoring, security, and acceleration tools. By maintaining a many-to-many (M:M) port mapping of network ports to monitoring ports, they can direct network traffic efficiently. Filters can be applied to optimize bandwidth usage on the network, and load on connected tools, increasing their performance.
Network architectures are constantly becoming more complex and distributed. So are network speeds, volumes of data, and traffic. Network Packet Brokers help you optimize the performance of your monitoring and security tools across the entire network by giving each device the correct packet data, which increases network efficiency while reducing your costs.
- Packet Slicing
- SSL/TLS Decryption
- Data Masking
- GTP IP Filtering
- Timestamping
- Packet Deduplication
- Tunneling & De-tunneling
- Aggregation
- Replication
- Load Balancing
- Filtering
Optimize bandwidth and storage utilization and ensure security compliance
When using packet slicing, the frame headers are kept, and the payloads dropped. By removing payloads that are irrelevant to your network monitoring and security analysis, tool overload and bandwidth usage can be decreased.
- X3-Series
- X2-Series
In-band and out-of-band SSL/TLS decryption
The X3-Series supports in-line and out-of-band SSL/TLS traffic decryption. In in-line mode, the X3-Series decrypts and re-encrypts traffic. This allows connected tools to see decrypted data before it is re-encrypted and sent back into the network. Out-of-band decryption means the X3-Series passively decrypts a mirrored or tapped copy of the traffic.
- X3-Series
Data masking
Decrypted traffic can expose confidential data to network engineers and analysts, resulting in security or privacy implications. The X3-Series can obfuscate sensitive data to comply with regulations and prevent data leakages. Data masking enables complete visibility into decrypted data without the risk of exposing sensitive data.
- X3-Series
Filtering IP-based communication in GTP sessions
The GPRS tunneling protocol (GTP) policies contain rules that permit, deny or tunnel traffic. The Profitap X2-Series NPBs perform GTP policy filtering by checking GTP-U data-plane packets against policies that regulate GTP traffic and by then forwarding, dropping, or tunneling the packet based on these policies.
- X3-Series
- X2-Series
Measure latency for accurate analysis
A crucial aspect of running and maintaining a network is speed. In the context of network monitoring, speed is linked to the concept of latency, referring to the speed of the network or the Remote Response time.
- X3-Series
- X2-Series
Removes packet duplicates and provides a substantial reduction in data traffic volume
Duplicate packets are very common in networks. When accessing traffic at multiple locations in the network, picking up the same packets multiple times is almost unavoidable. When duplicate packets are transmitted to your monitoring tools, the unnecessary utilization of bandwidth and processing power reduces the efficiency and effectiveness of these tools.
- X3-Series
- X2-Series
ERSPAN tunneling and de-tunneling, GRE de-tunneling, VXLAN de-tunneling
NGNPBs provide access to traffic encapsulated for a variety of tunneling protocols, such as Encapsulated Remote SPAN (ERSPAN), Generic Routing Encapsulation (GRE), and Virtual Extensible LAN (VXLAN). These advanced de-tunneling features help ease blind spots of multiple traffic traversing on a network anywhere within your IT infrastructure, whether locally or remotely, physically, or virtually.
- X3-Series
- X2-Series
Aggregate traffic coming from multiple incoming links
Optimize port, bandwidth, and network tool utilization by consolidating traffic from multiple sources, such as Network TAPs.
- X3-Series
- X2-Series
- XX-Series
Replicate traffic to multiple monitoring and security tools
Traffic replication is the process of making multiple copies of data and forwarding them to different locations, such as NPM/APM tools, network security tools, and data storage.
- X3-Series
- X2-Series
- XX-Series
Balance traffic over multiple monitoring and security tools
When several security tools are deployed, load balancing can optimize the response time and avoid uneven load while another is idling. By distributing the traffic load evenly among the available security tools they are used in the most efficient way. A Network Packet Broke is an ideal tool for this as it sits between the TAPs and security tools.
- X3-Series
- X2-Series
- XX-Series
Send only actionable data to each of the connected tools
Ensure optimum efficiency of monitoring and security tools, and bandwidth utilization, by filtering traffic such that only appropriate data is sent to these network tools
- X3-Series
- X2-Series
- XX-Series
X3-Series Advanced Network Packet Brokers
The new generation of X3-Series Advanced Network Packet Brokers enables full visibility over packets and flows and complex advanced processing for extended visibility. The X3-Series are Profitap’s most versatile Network Packet Brokers, with standard and advanced features.
- In-band and out-of-band SSL/TLS decryption
- Data masking
- Packet deduplication
- TCP packet reordering and fragments re-assembling
- Full tunneling capability
- Packet Slicing
- IMSI Filtering
- Timestamping
- Export NetFlow v5/v9
- L2-L7 Filtering, DPI
- Load Balancing
- Any-to-any Replication and Aggregation
- Microburst Protection
Model
X3-880G
X3-440G
X3-880G-ID
X3-440G-ID
X3-880G-GC
X3-440G-GC
Type
Interfaces
4 x 40/100G QSFP28
2 x 40/100G QSFP28
4 x 40/100G QSFP28
2 x 40/100G QSFP28
4 x 40/100G QSFP28
2 x 40/100G QSFP28
Speed
Datasheet
X3-880G
Type: Advanced Network Packet Broker
Interfaces: 48 x 1/10G SFP+, 4 x 40/100G QSFP28
Speeds: 1G, 10G, 40G, 100G
X3-440G
Type: Advanced Network Packet Broker
Interfaces: 24 x 1/10G SFP+, 2 x 40/100G QSFP28
Speeds: 1G, 10G, 40G, 100G
X3-880G-ID
Type: SSL/TLS In-Line Decryption
Interfaces: 48 x 1/10G SFP+, 4 x 40/100G QSFP28
Speeds: 1G, 10G, 40G, 100G
X3-440G-ID
Type: SSL/TLS In-Line Decryption
Interfaces: 24 x 1/10G SFP+, 2 x 40/100G QSFP28
Speeds: 1G, 10G, 40G, 100G
X3-880G-GC
Type: GTP Correlation
Interfaces: 48 x 1/10G SFP+, 4 x 40/100G QSFP28
Speeds: 1G, 10G, 40G, 100G
X3-440G-GC
Type: GTP Correlation
Interfaces: 24 x 1/10G SFP+, 2 x 40/100G QSFP28
Speeds: 1G, 10G, 40G, 100G
X2-Series Network Packet Brokers
The Profitap X2-Series are network packet brokers (NPBs) with a max total throughput of up to 6.4 Tbps. In addition to the standard XX-Series features, these NPBs offer an extensive set of features, such as packet slicing, GTP IP filtering, ERSPAN tunneling & de-tunneling, packet deduplication, and timestamping.
- Aggregation, replication, filtering, VLAN tagging and stripping, MPLS stripping, and load balancing (any-to-any, any-to-many, many-to-many)
- Local and remote management (CLI, GUI, SNMP, Syslog)
- PTPv2 time synchronization
- Flexible role-based management access
- TACACS+/RADIUS authentication
- Supports 1GbE, 10GbE, 25GbE, 40GbE, 100GbE
- Packet slicing, timestamping, GRE de-tunneling, VXLAN de-tunneling, and ERSPAN de-tunneling
- Layer 2–4 filtering
- RESTful API support
- In-line mode and in-line tool sharing
- Redundant, hot-swappable PSUs and fan modules
X2-2000G
Interfaces: 16 x 1/10/25G SFP28, 32 x 10/25G SFP28, 8 x 40/100G QSFP28
Speeds: 1Gbps, 10Gbps, 25Gbps, 40Gbps, 100Gbps
X2-3200G
X2-6400G
use case
Network monitoring in virtual and physical multi-tenant networks
The company’s network architecture contains a virtual environment with separated multi-customer spaces used for VoIP traffic. For each customer, there are virtual machines (VM) dedicated for VoIP traffic. VoIP traffic is also coming from internal sources like physical links and outside sources like the Internet.
use case
Telecom provider optimizes security platform performance
Profitap was tasked by a leading Telecom provider to better integrate and optimize a cybersecurity solution into the network infrastructure. Key technical criteria were to collect relevant traffic from key capture points in the network and to feed it to two cybersecurity platforms that were centrally located and managed.
JOIN THE CONVERSATION
Find us on one of the following social platforms to get a sneak peek into the network monitoring world.
BE PART OF THE TEAM
We are always on the lookout for talented and passionate people, who are open to change and innovation.
OUR BLOG
Find the latest insights on network monitoring & analysis so you know which solution suits you best.