Uncategorized / April 19, 2016

The Power of Visibility Meets the Performance of Visibility

In the last few years, visibility has morphed from something nice-to-have to something that is essential to both modern enterprise and service provider infrastructure. Accentuating this aspect is the recognition that network upgrades, whether physical or virtual, disrupt operations unless a visibility abstraction layer was already in place or is architected as part of the upgrade. Indeed, if “SPAN port” is a dirty phrase in securing and operating 10Gb infrastructure, it is downright heresy to depend on a SPAN port when trying to secure and operate 100Gb infrastructure!

This is because organizations upgrading to 100Gb face some foundational security and operational issues:

  • How does an enterprise upgrading to 100Gb secure those 100Gb networks? Security tools that rely on network traffic feeds (such as IPS or firewalls) cannot handle the volume of traffic in 100Gb networks while concurrently doing the deep analysis/inspection they specialize in.
  • How does a service provider migrating to 100Gb ensure that the cost of any legacy tooling infrastructure does not hinder their goal of achieving subscriber-aware visibility?
  • How can essential metadata extracted from 100Gb network traffic be fed to SIEMs used in a security infrastructure?

A visibility layer that can intelligently groom the 100Gb traffic is essential to solving these challenges.

To date, most organizations have stalled or deferred upgrades to 100Gb. Held back by successive churn in 100Gb optic form factors, high power consumption/thermals and immaturity of early 100Gb offerings, and the fundamental cost inefficiencies of 100Gb, most organizations had little incentive to upgrade to 100Gb.

That is until now! Every one of the afore-mentioned barriers has now been overcome, paving the way for increased 100Gb adoption. Consider this:

  • 100Gb optics form factor has shrunk from the original CFP form factor (which was about the size of an Apple iPhone 6 Plus) to the newer “QSFP28” form factor, which is exactly the same form factor as a 40Gb optic.
  • Power consumption and thermals have reduced by over 75% between first-generation CFP and the current generation QSFP28 form factors
  • Unlike 10Gb, 100Gb is not a serial technology and multiple “lanes” are used to transport 100Gb. Technology has now matured to efficiently transport 100Gb with 4 lanes of 25Gb vs. the more inefficient 10 lanes of 10Gb in the past—both internal to a 100Gb system and “on the wire”.
  • All of the above means that the cost to upgrade to 100Gb is now less than ten times the cost of 10Gb, a key consideration for a budget decision maker.

This morning, we announced extensions to our portfolio that introduces the new 100Gb technology across a broad range of products in our portfolio. From compact traffic aggregators (GigaVUE-TA100) to mid-range systems (GigaVUE-HC2) to Terabit scale systems (GigaVUE HD Series) along with 100Gb TAPs, a range of options is now available for organizations seeking to solve security and operational challenges with 100Gb.

When combined with the other traffic intelligence capabilities inherent to the Gigamon Visibility Fabric®, visibility can now be obtained in new ways:

  • Summarize critical information into essential metadata that is fed to SIEMs and other NetFlow/IPFIX collectors used for analysis across time
  • 100Gb logical bypass to enable security and availability of 100Gb networks
  • Leverage subscriber-aware visibility functions to help mobile providers upgrade to 100Gb and adopt a model of differentiated subscriber-aware service monitoring in their infrastructure
  • Save costs by extending the life and utility of existing tools

It is just one more example of how an architectural approach to visibility ensures that the power of visibility and the performance of visibility can both be concurrently leveraged.

Back to top