Big Monitoring Fabric (Big Mon) Out-of-Band is the most intelligent, agile, and flexible security and monitoring fabric available for today’s data center. It enables network operators to monitor every flow by gaining complete visibility into every server, every rack, every location, and every type of traffic, including mobile/LTE, virtual, and cloud-native. Every tool, regardless of location, can receive real time copies of relevant network flows – all programmable through a single pane interface.
Big Mon Out-of-Band offers the functionality of traditional NPBs – receiving traffic from TAPs and SPAN ports and delivering to tools – with the added capabilities and advantages of a true software-defined networking (SDN) architecture. All traffic delivery rules, including packet aggregation and filtering, advanced packet handling, and flow generation are programmed through the controller. Tools can be centrally located, policies can be uniformly rolled out, and troubleshooting can be done with a few clicks. No need to manually map traffic to each tool. Tool policies set at the controller automatically map the right traffic to the right tool at the right time.
Big Mon Out-of-Band delivers the next-generation capabilities today’s data centers demand, enabling network operators to realize the benefits of pervasive network visibility for all monitoring and passive security tools:
Big Mon Out-of-Band’s true SDN architecture eliminates the box-by-box management of traditional NPBs and enables zero-touch operations as well as rapid rollout, configuration, and change management of the entire monitoring and security fabric.
Big Mon allows granular control of traffic delivery to each tool. Aggregation, L2-L4 filtering, deeper packet matching (DPM), and sFlow generation ensure only traffic of interest is delivered to each tool, which boosts tool efficiency.
Advanced Flow and Packet Handling
Big Mon Service Nodes can be introduced to the fabric for advanced packet handling, such as deduplication, packet slicing, packet masking, header stripping, regular expression matching, and Netflow generation.
The controller’s rich, drag-and-drop graphical user interface offers analytics and alerting for real time traffic insight. REST APIs enable integration with performance and security tools and simplified/streamlined NetOps/SecOps workflows.
Big Mon supports multi-tenancy and monitoring as service. Multiple groups and functions can share the fabric, while maintaining isolation and other policy-based access requirements.
Big Mon’s resilient mesh design ensures continuous visibility and traffic deliver for all tools.
Because Big Mon’s logical NPB fabric is decoupled from the physical visibility nodes, network operators can deploy, operate, scale and innovate faster.
- Auto-discovery and configuration of Big Mon nodes
- Tools can receive traffic from anywhere in network, regardless of physical location
- Delivery policies are programmed from a single interface
- Real time visibility and analytics for quick troubleshooting
- Changes to traffic delivery policies can be made without any physical reconfiguration of the visibility architecture
- REST APIs for tool and workflow integration and automation (event triggered monitoring, alerts, and tool interactions)
Scale and innovate faster
- Zero-touch scale out fabric
- Add tools without impacting network or disturbing existing tools
- Scale tool bandwidth via fabric-based tool load balancing
- Reprogram policies in real time based on data center changes or newly discovered threats
Big Mon Out-of-Band shares the same controller as Big Mon Inline, which enables all tools (passive and active) to be managed from a single pane of glass. Network operators finally have the visibility they need to defend and monitor the data center, while enhancing operational efficiency and reducing OPEX by up to 50%.
Big Mon Out-of-Band combined with the BigSecure™ Architecture enables organizations to extend network visibility and security monitoring into dynamic, terabit-scale DMZ protection — so they can proactively defend the network, as well as ensure its high-performance.
Monitor Every Rack
Big Switch Networks pioneered pervasive visibility in the data center with its scalable network packet broker architectures that significantly increase operational efficiency for network and security teams.
- Fully instrument your data center without exploding tool costs
- Leverage open-hardware networking switches for cost-efficient visibility
- Use automation and programmable workflows to create a low-touch data center monitoring infrastructure
Monitor Every Location
Easily extend your monitoring and security architectures across multiple data centers. Big Mon’s controller-based SDN architecture enables remote, centralized control of tool policies and configurations, with management performed through a simple, single pane interface.
Gain visibility into your mobile LTE network traffic with advanced packet handling that allows tools to monitor tunneled traffic. Traffic can also be delivered to tools based on customer or application.
Create unified monitoring and security policies across both physical and virtual traffic. Big Mon enables network operators to access traffic from VMs, containers and public clouds and direct this traffic to any monitoring or security tool.