Big Switch Unveils Advanced Network Telemetry for Pervasive Security and Deeper Visibility
SANTA CLARA, Calif., April 26, 2018 (GLOBE NEWSWIRE) — @BigSwitch Networks®, The Next-Generation Data Center Networking Company, today unveiled new innovations for Big Monitoring FabricTM (Big Mon) that enable network and security operations teams to capture cloud-native data center network traffic at scale, and provide deep application-level analytics. Big MonTM Recorder Node allows high-performance packet recording, querying and replay functions, and Big MonTM Analytics Node provides unprecedented network visibility to monitor, discover and troubleshoot network and application performance issues as well as accelerate root cause of security breach discovery. With Big Mon Recorder and Analytics Nodes, customers can now achieve deep network telemetry for both cloud-based and traditional data center environments and have the ability to replay past conversations across users and applications with a single-click. Architecture flexibility allows Big Mon to easily extend to multi-cloud environments, including hybrid cloud and public cloud deployments. “Big Switch has pioneered the use of cloud-native networking architectures to achieve pervasive network visibility and enhanced network security,” said Prashant Gandhi, Chief Product Officer, Big Switch Networks. “With the launch of Analytics Node and Recorder Node, Big Switch further distances itself from legacy box-based solutions, offering unmatched network telemetry to achieve root cause analysis, breach mitigation, and faster mean time to resolution.” It is estimated that nearly 8.5 billion devices are connected to the Internet today. In order to support the digital economy, cloud-native applications are being developed and deployed at increasing rates to collect and optimize the vast amounts of data being generated. The nature of cloud-native applications generates a significant increase in East-West network traffic, providing new attack vectors beyond the hardened DMZ-protected North-South traffic. Unfortunately, the volume, velocity and sophistication of cyber attacks are also intensifying, resulting in the need for pervasive network security and visibility solutions. To mitigate against cyber attacks, network packet brokers (NPBs) are required as part of a holistic network security strategy. Traditional box-based, hardware-centric NPBs are architecturally constrained to meet emerging security and visibility demands of cloud-native data centers. The University of Oklahoma deployed Big Monitoring Fabric nearly two years ago. Initially the University made the decision to replace an incumbent legacy NPB solution with Big Mon, due to its ease-of-use, and the versatility of the product appealed to its innovative IT team. Additionally, the University has achieved twice the visibility at nearly 50% CAPEX savings. The University has since deployed both Big Mon Analytics Node and Recorder Node in order to address the following challenges: Unauthorized Application and Device Sprawl, Capacity Planning and Threat Mitigation. The University already used multiple security tools, Analytics Node is being leveraged to optimize tool usage and make them more efficient. According to The University, when it gets a Phish, they try to find out how many users replied or visited the website in the email or submitted their credentials to a website. Given BRO doesn’t capture the POST data by default, the University relies on Big Mon Recorder Node, to enable a full packet capture device to match users to IP’s on its network in order to easily determine who submitted credentials. While Phished user passwords are immediately reset, the University leverages Big Mon to determine if credentials were used for malicious activity, and to monitor accounts for possible login from external IP’s. “As a leading public University, which serves a very large number of users, Analytics Node and Recorder Node have provided us with an efficient, cost-effective and scalable way to address multiple challenges that we faced due to having an open network,” said Aaron Baillio, Managing Director, Security Operations and Architecture, University of Oklahoma. “Analytics Node together with the packet capture capability of the Recorder Node has allowed us to reinforce security posture by rapid impact analysis and mitigation of compromised user credentials.” Inspired by the design principles of hyperscale operators, Big Switch’s Big Mon leverages SDN controls, a fabric architecture based on open networking (britebox/whitebox) switches and DPDK-powered x86 servers to deploy highly scalable, agile, flexible and cost-effective network visibility and security solutions. This next-generation NPB architecture is highly flexible, with fabric switches providing L2-L4 filtering at line rate, while DPDK-based x86 nodes provide high-speed packet-level and flow-level services with Big Mon Service Node, recording and playback with Big Mon Recorder Node and deep application-level visibility with Big Mon Analytics Node. All of the components are fully controlled and managed by the Big Mon Controller, thus enabling organizations to deploy large scale monitoring fabrics within existing OpEx budget. Big Mon architecture is also inherently scale-out, allowing customers to start with a single monitoring switch, and grow the fabric on an as-needed basis. Big Mon Service Node, Recorder Node and Analytics Node can be deployed in clusters to enable independent scale-out. “Big Switch is bringing cloud-scale analytics and integrated packet flow recording to multi-cloud software-defined infrastructure,” said Stephen Collins, Principal Analyst, ACG Research Network Visibility and Analytics. “The Analytics Node and Recorder Node offer organizations a simple and more cost-effective solution for rapidly detecting performance anomalies, identifying security issues and conducting forensic analysis.” Big Mon Recorder Node – Next-gen Packet Recorder With vast amounts of data traversing the data center network, traditional packet capture solutions are unable to efficiently and affordably scale. The need for a next-gen packet capture solution for forensic analysis of events and inefficiencies is clear. Recorded data allows network IT teams to replay the specifics of an event and provides them with the necessary context to solve operational and security threats, by retrieving a historical record of the exact moment a service anomaly occurred, in order to derive root cause and predict future trends. Big Mon Recorder Node is high-performance packet recorder software, deployed on a commodity x86-based server. The Big Mon SDN controller automatically discovers the Recorder Node, ensuring a single point of configuration and device lifecycle management. Multiple Recorder Nodes can be strung together, allowing end-users to store more network traffic for longer periods and retrieve them via the Big Mon Controller or Analytics Node with agility and simplicity.