Data Access Network facilitates network monitoring.
Press Release Summary:
Existing outside normal configuration management supervision, Data Access Network (DAN)provides intelligent connectivity layer between production network and enterprise's monitoring tools, ensuring unobtrusive data access to every device. DAN technology is based on circuit switching of replicant packets rather than live traffic, so network performance is not impacted. As local/remote access management plane, DAN can provide full access to data across network while maintaining strong security.
Original Press Release:
Gigamon Introduces The Data Access Network: a Total Solution to Network Monitoring Challenges
Breakthrough Alternative to SPANS, TAPs and Sniffers Solves Problems Posed By Multiple - and Competing - Compliance, Auditing, Security and Troubleshooting Tasks
MILPITAS, Calif., Oct. 14 /-- As any voice or data network engineer knows, monitoring is a critical part of the job. In fact, the reasons for monitoring-intrusion detection, SOX compliance, forensic recording, VoIP analysis, lawful intercept, system troubleshooting and the like-have only grown over time.
Unfortunately, the available infrastructure for network monitoring hasn't made things easy. SPAN (Switch Port for Analysis) ports on network switches are few -- and the packet mirroring approach used by SPANs can affect switch performance. As for TAPs (Test Access Ports), only one can be installed per network segment, and the TAP will add significant cost without the ability to scale for multiple tools.
Trouble is, multiple tools are often required-at an alarming cost-to sufficiently monitor mission critical network segments. Any additions or changes to the prescribed tools require permission from the configuration management staff, as well as a late-night maintenance window to do the installation.
Into this complex situation, Gigamon, a leading provider of intelligent data access networking products, has introduced an innovative and economical solution: the Data Access Network, or DAN. Gigamon developed the DAN concept as a total data center network remedy-one that accommodates the growing number of networking monitoring tools. DANs provide exactly the packets needed for a given tool to carry out its function and, by virtue of their out-of-band orientation, do so without impacting network operations.
"Network engineers have never had anything like this before," explained Patrick Leong, Gigamon's chief technical officer. "As designed by Gigamon, the Data Access Network is comprised of the monitoring and analysis tools needed to maintain, verify, grow and troubleshoot the production network, facilitated by a 'packet aware' data access switch. Traditional access methods are not packet aware, and cannot filter, aggregate, balance or intelligently direct traffic to specific tools. By providing a flexible, dynamic infrastructure, the DAN not only accommodates the growing number and complexity of monitoring tools, but also establishes the support environment necessary for enterprises to successfully maintain and grow their businesses."
Cost-Saving Layer
Gigamon's proprietary DAN solution exists outside the boundaries of normal configuration management supervision. It provides an intelligent connectivity layer between the production network and the enterprise's monitoring tools, ensuring unobtrusive data access to each and every device. By so doing, the DAN gives network engineers new power to manage their networks with less cost and fewer disruptions.
DANs pay for themselves many times over by reducing or consolidating the number of monitors needed to provide complete data center coverage. By using a DAN in the infrastructure, network or security engineers can do much more, with fewer and less expensive tools.
Intelligent Filtering/Mapping
Gigamon's innovative DAN concept provides connectivity for virtually any monitoring tool, from intrusion detection systems and sniffers to VoIP analyzers, applications monitors and data recorders. Its secure, customizable "data socket" configuration uniquely allows users to divide traffic and distribute packets to different 1 GigE or 10 GigE tools according to a variety of user-defined rules:
o Any-to-Any Connectivity to solve tool deployment problems
o Aggregate Multiple Links to consolidate tools
o Multicast to Multiple Tools to share data sources
o Intelligently Filter and Divide Loads to customize and manage data to different tools
"Most individual monitoring tools are not designed to handle the high rate of traffic flow through modern data center networks. By intelligently filtering and mapping packets to multiple instances of a particular type of tool, Gigamon's DAN connectivity solution breaks down -- or balances -- the traffic required for a specific set of devices no matter what their interface speed," said Leong. "The result is better tool performance and complete network coverage with no lost packets. And with an ultra-low latency of six micro-seconds from port to port, there is no measurable effect on data flows. DAN is a reliable, cost-effective passive data access solution."
DAN technology is based on circuit switching of replicant packets rather than live traffic, so network performance is not impacted. It offers 100% line rate performance through all ports, even if the port is filtered. Filter rules are based on pre-defined templates that include MAC source or destination addresses, IP source or destination addresses (including IPv6), IP subnets, VLAN IDs, TOS priority bits, range masks featuring odd-even discrimination (RTP/RTCP filtering), user defined bit pattern and offset, and more.
As a local/remote access management plane, the DAN can provide full access to data across the network -- yet strong security is maintained through a number of advanced protocols. Local users are password authenticated, while remote users require TACACS+ or RADIUS authentication. The remote management interface is SSH2 128-bit encrypted for maximum protection; data can't be seen through the interface and users are locked to their individual ports, ensuring that other ports cannot be altered.
Wide Acceptance
Gigamon's DAN technology is incorporated into its GigaVUE line of data access switches. The technology has earned Gigamon the Emerging Technology of the Year award in the world monitoring market from Frost & Sullivan, and over 1,450 GigaVUE units are already in use at over 350 telecom, industrial, manufacturing, financial, banking, medical, utility and government networks worldwide. Current users include Apple, Chevron, Cisco, eBay, the U.S. Federal Reserve, Capital One, Deutsche Bank, Fidelity Investments, Hartford Insurance, JCPenney, NASA, Northwestern Insurance, the NYSE, Raytheon, Sprint, Verizon, T-Mobile, Vodafone and the U.S. Department of Defense, among many others.
For more information on Gigamon Data Access Network technology, including a product brief and online presentation on the company's GigaVUE data access switches, visit http://www.gigamon.com/.
About Gigamon:
Founded in 2003 by six veteran engineers from network monitoring and telecommunications equipment companies, Gigamon invents and manufactures innovative solutions for data access networks. Its flagship product, GigaVUE(R), can support multiple out-of-band monitoring tools for compliance, security, troubleshooting and analysis, sidestepping the hassles presented when too few SPAN ports are available. It also can aggregate and intelligently filter packets from many SPANs or TAPs to one or multiple tools to solve the problem of monitoring flows across complex mesh topologies and virtual networks. GigaVUE(R) data access switches significantly reduce customers' capital budgets and yield immediate ROI benefits. For more information about Gigamon and its award-winning solutions, visit http://www.gigamon.com/.
