Network Packet BrokersOptimize the performance of network analysis and security tools
What is a Network Packet Broker?
A Network Packet Broker (NPB) is a device that optimizes the flow of traffic between TAP and SPAN connections and network monitoring, security and acceleration tools. By maintaining a many-to-many (M:M) port mapping of network ports to monitoring ports, they can direct network traffic efficiently, and filters can be applied to optimize bandwidth usage on the network. This also means that the performance of out-of-band tools increases as they receive only actionable data.
Why do you need a Network Packet Broker?
Network architectures are constantly becoming more complex and distributed, and so are network speeds, volumes of data, and traffic. Network Packet Brokers help you optimize the performance of your monitoring and security tools across the entire network by giving each tool the right packet data, which results in an increase of network efficiency while reducing your costs.
The Profitap XX-Series and X2-Series Network Packet Brokers are high-end versatile solutions, bringing you the power and flexibility of network traffic management. Profitap NPBs are designed for aggregation, filtering, and routing of multiple 1/10/25/40/100/400G inputs, used in high sustained bandwidth port monitoring and analysis scenarios.
Network Packet Brokers enhance the performance of network analysis and security tools, helping you solve application performance bottlenecks and troubleshoot problems on the network. This way, you can benefit from improved monitoring and a greater return on investment.
XX-Series Network Packet Brokers
Profitap XX-Series Network Packet Brokers are high density packet brokers, bringing you the power and flexibility of network traffic management with a total throughput of up to 3.2 Tbps in a single 19″ RU. All XX-Series Network Packet Brokers offer powerful features, such as aggregation, replication, filtering, and load balancing.
6 x 40G QSFP+
6 x 100G QSFP28
16 x 100G QSFP28
Interfaces: 48 x 10G SFP+, 6 x 40G QSFP+
Speeds: 1Gbps, 10Gbps, 40Gbps
Interfaces: 48 x 25G SFP28, 6 x 100G QSFP28
Speeds: 1Gbps, 10Gbps, 40Gbps, 100Gbps
Interfaces: 48 x 25G SFP28, 16 x 100G QSFP28
Speeds: 1Gbps, 10Gbps, 40Gbps, 100Gbps
Interfaces: 32 x 400G QSFP-DD
Speeds: 40Gbps, 100Gbps, 400Gbps
X2-Series Next-Gen Network Packet Brokers
The Profitap X2-Series NPBs are next-generation network packet brokers (NGNPBs) with a total throughput of up to 6.4 Tbps. In addition to the standard XX-Series features, these NGNPBs offer an extensive set of features, such as packet slicing, GTP IP filtering, ERSPAN Tunneling & De-Tunneling, packet deduplication, and timestamping.
Interfaces: 16 x 1/10/25G SFP28, 32 x 10/25G SFP28, 8 x 40/100G QSFP28
Speeds: 1Gbps, 10Gbps, 25Gbps, 40Gbps, 100Gbps
Interfaces: 64 x 40/100G QSFP28
Speeds: 10Gbps, 40Gbps, 100Gbps
- Load Balancing
- Packet Slicing
- GTP IP Filtering
- Packet Deduplication
- Tunneling & De-tunneling
Aggregate traffic coming from multiple incoming links
Optimize port, bandwidth, and network tool utilization by consolidating traffic from multiple sources, such as Network TAPs.
Aggregation can be combined with the replication feature to send the aggregated traffic to multiple output ports. It can also be combined with both the replication and filtering features to send different parts of the aggregated traffic to different output ports.
Use case examples:
• Send traffic from multiple sources to monitoring and security tools as a single stream.
• Aggregate multiple traffic streams into higher-speed links.
Replicate traffic to multiple monitoring and security tools
Traffic replication is the process of making multiple copies of data and forwarding them to different locations, such as NPM/APM tools, network security tools, and data storage.
Benefits of traffic replication include improving the availability of data and increasing the speed of data access.
Use case examples:
• Monitoring (tapping): send the traffic to both its intended destination and monitoring/analysis/storage systems.
• Redundancy: send the traffic to multiple network paths to avoid single points of failure and reduce the risks of downtime.
Balance traffic over multiple monitoring and security tools
When several security tools are deployed, load balancing can optimize the response time and avoid uneven load while another is idling. By distributing the traffic load evenly among the available security tools they are used in the most efficient way. A Network Packet Broker is an ideal tool for this as it sits between the TAPs and security tools.
Send only actionable data to each of the connected tools
Ensure optimum efficiency of monitoring and security tools, and bandwidth utilization, by filtering traffic such that only appropriate data is sent to these network tools.
Target specific parts of the traffic via a wide array of filter rules based on L2/L3/L4 packet headers. Filter rules support priority classes, as well as outbound options to apply to the targeted traffic.
Optimize bandwidth and storage utilization and ensure security compliance
When using packet slicing, the frame headers are kept, and the payloads dropped. By removing payloads that are irrelevant to your network monitoring and security analysis, tool overload and bandwidth usage can be decreased.
Oftentimes the tools that data is forwarded to only need information that is stored in the header of each packet. The payload does not matter. If you remove payload data from packets and leave only the header information, you ensure that only actionable data is sent across to the appropriate tool.
Another benefit of this feature is in security compliance. With packet slicing, you will be able to take out confidential data before it reaches your monitoring tools. This to ensure that this sensitive data is not being stored outside secure boundaries.
Use case examples:
• Optimizing bandwidth and storage utilization through only sending necessary data to connected tools.
• Adhere to privacy laws and security requirements by cutting out confidential data.
Filtering IP-based communication in GTP sessions
The GPRS tunneling protocol (GTP) policies contain rules that permit, deny or tunnel traffic. The Profitap X2-Series NPBs perform GTP policy filtering by checking GTP-U data-plane packets against policies that regulate GTP traffic and by then forwarding, dropping, or tunneling the packet based on these policies.
GTP is a group of IP-based communications protocols used to carry GPRS traffic within GSM and UTMS networks. It is designed as a carrier to transport actual mobile packets over the network via tunneling. The tunnel is a channel between multiple GPRS support nodes through which the hosts exchange data. All IP addresses in the GTP packets are for mobile network elements such as the base station and the serving gateway.
When IP tunneling is used to deliver IP traffic across the core network using GTP, this traffic is encapsulated. That’s where the GTP IP filtering feature comes in handy. This feature will allow you to filter by IP in GTP sessions based on information in the data stream to control data flow within your infrastructure. This can be done by configuring the device to pass or drop the encapsulated traffic that doesn’t match the packet policy from the mobile station through identifying the source and the destination.
Measure latency for accurate analysis
A crucial aspect of running and maintaining a network is speed. In the context of network monitoring, speed is linked to the concept of latency, referring to the speed of the network or the Remote Response time. Apart from the processing time needed on any network to process a request, there is a delay in the request to reach the network. This delay is called latency. Even though it can be challenging to improve latency, it is important to measure it with purpose-built solutions. The ability to timestamp packets with high precision is therefore essential to understanding what is going on in the network at a packet-by-packet level.
Accurate time information is important for legal and criminal investigation, and the same applies to accurate forensic analysis and performance testing to measure crucial indicators like latency.
Removes packet duplicates and provides a substantial reduction in data traffic volume
Duplicate packets are very common in networks. When accessing traffic at multiple locations in the network, picking up the same packets multiple times is almost unavoidable. When duplicate packets are transmitted to your monitoring tools, the unnecessary utilization of bandwidth and processing power reduces the efficiency and effectiveness of these tools. For that reason, detecting and eliminating identical packets is crucial, as it results in improved visibility across your network. In the X2-Series, packet deduplication is done at the interface ingress.
ERSPAN tunneling and de-tunneling, GRE de-tunneling, VXLAN de-tunneling
NGNPBs provide access to traffic encapsulated for a variety of tunneling protocols, such as Encapsulated Remote SPAN (ERSPAN), Generic Routing Encapsulation (GRE), and Virtual Extensible LAN (VXLAN). These advanced de-tunneling features help ease blind spots of multiple traffic traversing on a network anywhere within your IT infrastructure, whether locally or remotely, physically, or virtually.
Track packets easily by adding IDs to packets based on the source (ingress) port and remove them as they leave the NGNPBs via exit (egress) ports. Using this approach, packets are encapsulated and directed from a switch/VLAN to a target IP endpoint with ERSPAN tunneling and sent to the appropriate tools. Also, by identifying and stripping the protocol, Network Engineers can selectively dictate which types of traffic should be routed to a specific device for further analysis. The X2-Series provides tunnel stripping for GRE, VXLAN, ERSPAN, IP over IP, and Teredo.
Join the conversation
Find us on one of the following social platforms to get a sneak peek into the network monitoring world.
Be Part of the Team
We are always on the lookout for passionate people, who are open to change and innovation.
Check the Careers Page