Solution descriptions
GigaVUE-HC2
The flexible GigaVUE-HC2 chassis offers an elegant multi-functional
design with four (4) front-facing bays that can accommodate an assortment
of port, bypass, and embedded TAP modules, addressing a variety of user
needs within a highly flexible, multi-purpose node. Common port modules
are available for 1Gb, 10Gb, and 40Gb. Physical and logical bypass options are available for inline monitoring tools such as Intrusion
Prevention Systems (IPS) and anti-malware. This is also the first Visibility Fabric™ node to consolidate TAPs internally within the system
for added security, space savings, reduced cost, and expanded functionality.
The GigaVUE-HC2 leverages Gigamon’s patented Flow Mapping® technology for complete aggregation, replication, and filtering
capabilities. Optional GigaSMART® functionality is available for intelligent slicing, masking, De-duplication, FlowVUE™, stateful GTP
Correlation, SSL Decryption, and other applications such as NetFlow Generation via a front- or rear-facing GigaSMART module. This
combination provides a diverse, multi-functional design to adapt to customer requirements and grow as needs expand. Advanced
clustering enables tight integration with other GigaVUE-HC2 nodes including the larger GigaVUE HD Series or the smaller, fixed-port
GigaVUE-HB1 fabric node to enable hundreds of ports to be managed as a single system.
The chassis in the ITbiz lab with the BPS-HC0-D25A4G and SMT-HC0-X16 cards partially inserted:
A fully populated chassis:
GigaBPS modules
The GigaVUE HC Series GigaBPS modules provide bypass protection to inline tools such as Intrusion Prevention Systems (IPS). These innovative modules contain a combination of sixteen (16) regular SFP/SFP+ port cages and four (4) pairs of specialized physical bypass ports to ensure traffic continuously flows through inline security gates.
The module leverages two levels of bypass protection:
1. Physical Bypass
2. Logical Bypass
GigaSMART
GigaSMART® technology extends the intelligence and value of the Gigamon Visibility Fabric™ architecture by enhancing your monitoring infrastructure and improving tool performance. A range of applications are available to enable the modification, manipulation, transformation, and transport of traffic from your network to the tools you rely upon for management, monitoring, and security.
The GigaSMART technology is available on the GigaVUE-2404 and GigaVUE H Series Visibility Fabric nodes. GigaSMART operations can be applied to any network or tool port on the chassis or the entire cluster, allowing maximum flexibility in configuration and provisioning.
SSL Decryption
• Provide visibility into encrypted sessions
• Send decrypted packets to multiple out-of-band tools: IDS, DLP, APM, CEM, etc.
• Private server keys are encrypted and protected by role-based access controls
De-duplication
• Relieve tool processing resources when packets are gathered from multiple collection points along a path by only forwarding a packet once
• Remove packet duplication caused by inter-VLAN communication or incorrect switch configuration
Adaptive Packet Filtering
• Filter across advanced encapsulation headers including VXLAN, VN-Tag, GTP, MPLS, etc., and inner (encapsulated) Layer 3/Layer 4 packet contents
• Apply pattern matching on plain text or regular expressions
NetFlow Generation
• Increase infrastructure efficiencies by offloading NetFlow Generation to the Visibility Fabric
• Generate NetFlow records without sampling to facilitate true response and root cause capability
• Export records to up to six (6) collectors supporting NetFlow v5/v9 and IPFIX
GTP Correlation
• Optimize tool infrastructure by accurate filtering, replicating, and forwarding monitored subscriber sessions
• Correlate subscriber sessions (control and data) to offload tools, increasing throughput
• Facilitate drilldowns into roaming users across peer networks
...
Full - https://www.gigamon.com/PDF/datasheets/DS-GigaSMART-4003.pdf
------
The slot on the rear of the chassis accepts only a GigaSMART card (the one without ports).
The management module is installed on the rear panel, below the fans.
Cards can be hot-swapped.
NetFlow generation is possible only with a GigaSMART module and the corresponding licenses.
Initial setup after power-on:
admin/admin123A! - default login/password
enable
conf t
config jump-start
enter the settings in the interactive dialog
write memory
card all - initialize the cards
Diagnostic commands:
show card
show chassis
show system
sh interfaces eth0 - view the management interface
show port stats port-list 1/1/x2,1/1/x5,1/4/x2
show port stats port-list 1/1/x2,1/1/x5..1/1/x8
ITBiz (config) # port 1/1/x5 type ?
hybrid
inline-network
inline-tool
network -- uplink (traffic only enters)
stack -- only for building a stack
tool -- downlink (traffic only exits)