Appliances Help Optimize Connections Between Toolsets, Switches

Network Health Feature Story

By Paula Bernier, Executive Editor, IP Communications Magazines  |  October 01, 2010

This article originally appeared in the October 2010 issue of INTERNET TELEPHONY

Meeting performance and security requirements on public and private networks is a formidable challenge that involves the use of specialized tools for network management, intrusion detection and the like. But these tools often can outnumber the available ports on a switch, have ports that are otherwise mismatched to switch outputs, or adversely affect the performance of switches, says Kevin Jablonski, vice president of marketing and business development at Gigamon.

To allow for more efficient interfaces between switches and such tools, and to otherwise assist with configuration management and change order control on networks, Gigamon offers a trio of hardware appliances. These devices connect to either span ports or mirror ports on switches from companies like Brocade, Cisco or Juniper; replicate the traffic coming off of those ports; and then multicast that traffic – or some subset of it – to any performance management or security tool that needs to look at it.

This eliminates the problem of span port or mirror port contention, so network operators have an adequate number of ports to which they can connect threat vulnerability testing gear or application performance management solutions, for example. “We’ll take two of those ports and make it look like 100 ports,” says Jablonski.

He adds that with the growing number of 10gig connections used on today’s networks, some network operators struggle with test and security toolsets that have single 1gig interfaces. Gigamon’s appliances help network operators address that challenge by taking 10gig connections and filtering them down to 1gig, or doing load balancing and sending out 10 1gig streams.

While capacity on networks continues to grow, so do security threats. Typically when a security company like McAfee releases information about a new series of threats and how to address them, network operators have to look at and make adjustments to their Cisco or Juniper switches to mitigate the new viruses. Jablonski says that can involve a lengthy process and may have negative impacts on switch performance. However, because the Gigamon product already is connected to the span ports on the switch, he adds, it can supply the horsepower needed to dissect and filter the traffic as needed, offloading the processing that would otherwise have to be handled by the switch.

Gigamon’s appliances, which also are referred to as data access switches, are in use in both corporate and carrier networks. On the carrier side, the devices are employed by such major companies as AT&T, Sprint, T-Mobile, Verizon and Vodafone for a range of applications in core, transport and distribution networks, at the application layer, and in both wireline and wireless networks.

Jablonski says this business has been a “hugely profitable” one for Gigamon, a boot-strapped company that became profitable in 2005, the same year it launched its first product. The organization, which did its first round of funding ($23 million) early this year, expects to exceed $50 million in revenues by the end of 2010.

The company’s three appliances include the GigaVUE-212, which has two 10gigE and 12 1gigE ports; the GigaVUE-420, which delivers four 10gig ports and 20 1gigE ports; and the GigaVUE-2404, which offers 24 10gig ports and four 1gigE ports.

“With that one, the sales trend is literally hockey-sticking right now,” Jablonski says of the 2404.

Gigamon recently added to its appliances some new feature sets, which are available with the addition of GigaSMART blades. They allow for packet modification, so network operators can timestamp packets and read them within nanoseconds. The appliances also can now do packet slicing so the toolsets attached to them only have to look at the part of the flow that is of interest. The Gigamon technology also can mask packets to make sure passwords and other vital information are not seen by network engineers. And it can do port source labeling, so it’s clear what port traffic is coming from. While the Gigamon solutions can do all of the above, one thing they don’t do – and won’t be doing – is deep packet inspection, says Jablonski.

Gigamon’s products are available through channel partners. Initially, it used regional resellers to get its appliances to market, but as Gigamon began selling to larger accounts it expanded its channel to include national entities such as resellers Accuvant, Fishnet, Foresight and Integralis. It’s also looking to distribute through big names such as Ingram Micro and Tech Data.


Edited by Tammy Wolf

