Scope: Implement a platform that can feed real-time network traffic information into a sophisticated security sensor.
Equipment Used: VSS HD Fiber Taps, VSS vBroker, VSS Optimiser 2400
Delivery: The biggest challenge with this design was the sheer amount of data available. The customer had purchased two Security Sensors, one located in each of their UK data centres. The issue was that the source of this information was vast – dozens of blade enclosures, WAN links, Internet connections and other appliances, all had to be aggregated and that information fed back.
The approach taken was to implement a hierarchical stack of equipment to build the Unified Visibility Plane. At the base layer was a combination of single-mode and multi-mode fibre taps for the ten gigabit connectivity, with Optimiser 2400s deployed to receive and aggregate the laser energy redirected from the taps. A large number of vBroker appliances, fully populated with power-safe copper modules were also provisioned for the one-gigabit connectivity. The feeds from these devices then fed into a set of vBroker 220 appliances, which were capable of agggregating all of the traffic from the sources, where it was filtered according to the requirements of the Security team, before finally sending a single stream of traffic to the Security Sensors.
Audience: Primarily technical staff from the Networks, Security and Data Centre teams.
Challenges: The biggest concern was the actual cabling that was required in order to accommodate the various sources. It became clear that ad-hoc requests were simply not viable, so the solution decided upon was to purchase a large number of the fibre tap modules and locate these in ‘top of rack’ locations, minimising the amount of re-cabling that had to be done. Unfortunately the budget didn’t allow for that, so a ‘middle row’ option was chosen which suited all involved. The other issue was around the sheer volume of data that was being acquired – some clever filtering was required on the different appliances to filter the traffic stream, such that only the required traffic was passed up the stack to the Security Sensors.
Takeaways: There was an additional layer of complexity because this functionality was retro-fitted to an existing data centre. The equipment is expensive, however the stream presented to the Security Sensors was found to be of an extremely high quality with little or no artefaction, which was exactly what we set out to deliver.