VSS Monitoring, a leader in network packet brokers (NPB), today at Cisco Live!
2012 announced that its packet broker appliances now support virtual network tag
(VN-Tag) stripping and filtering, enabling enterprises to have dynamic access,
selective visibility, and management of all packets across physical and virtual
environments.
As virtualized computing environments have rapidly expanded, enterprises have
struggled to get visibility into network packets travelling between virtual
networks across physical network infrastructure. Most performance monitoring and
security tools, as well as traffic aggregation devices, do not have the
capability to deliver visibility into or inspect virtual traffic when VN-Tags
are used to deliver packets between virtual and physical Cisco Nexus network
infrastructures.
To address this growing set of challenges in monitoring and securing virtual
machine (VM)-based traffic across virtual and physical networks, VSS Monitoring
has released a powerful new capability to support VN-Tags leveraging both
stripping and filtering capabilities. Enterprises offloading virtual traffic
switching to their existing physical switching infrastructure can now access
this virtual network traffic for monitoring, analysis and security with VSS
Monitoring VN-Tag stripping functionality without changing their existing tools.
The solution is being unveiled and demonstrated for the first time at Cisco
Live! 2012 in San Diego in VSS Monitoring's booth No. 2024.
"Proper network visibility in a post-virtualization implementation is
critical to maintain security of the newly deployed virtualized infrastructure,"
said Lawrence Pingree, research director at Gartner. "IT organizations are often
seeking new ways to retrieve specific flow or packet data for their content and
security inspection needs. Combining these capabilities to bridge the virtual
and physical realm is an innovative approach to solving a complex technology
need to enable customers to leverage existing investments in network security
products."
For VM traffic on physical Cisco Nexus networks that needs to be accessed by
third party monitoring and security tools, VSS Monitoring network packet brokers
provide seamless access and visibility into the VM traffic, filter traffic based
on the VN-Tag VIF ID, and strip the VN-Tags. Granular filtering and flow-based
load balancing can also be performed on the virtual traffic being forwarded,
making network tools perform more efficiently even as their overall traffic load
grows due to increased VM workloads.
"As enterprises continue to move to data center virtualization, causing
network environments to become more dense and complex due to a mix of virtual
and physical switch deployments, they also need additional visibility to address
their network analysis and security needs," said Tony Zirnoon, VSS Monitoring
senior director of Global Security Strategy and Marketing. "To mitigate these
added network challenges, VSS Monitoring continues to tightly integrate with
solutions from Cisco and other key providers of virtualized network
infrastructure, including leading SDN and hypervisor vendors, to help our
customers leverage their tools to efficiently manage and secure their
increasingly complex network environments."