Embed Size (px)
Citation preview
cPacket cCloud® Series Cloud-Native Traffic Brokering, Capture, Analysis, and Analytics
Overview cPacket cCloud is a series of public/private cloud-native instances to provide visibility-as-a-service (VaaS) for application-aware network performance and security assurance for cloud workloads. Fully integrated with Amazon Web Services (AWS) and Google Cloud Platform (GCP) Virtual Private Cloud (VPC) traffic-mirroring, the cCloud visibility service chain includes cloud-native virtual instances based on the same cPacket cVu-V, cStor-V, and cClear-V series of products that enable network-aware application and security assurance across distributed hybrid environments including branch offices, data centers, and multi-cloud.
Industries such as financial services, healthcare, technology, retail, manufacturing, education, utilities, transportation, government/public, defense, and service providers are implementing digital and cloud-smart strategies and need deeper, contextual, and actionable network intelligence for business continuity, service/experience assurance, security forensics, incident response, regulatory compliance, and capacity planning. However, moving workloads to the cloud without the right visibility tools raises the business risk. For the first-time ever, the cPacket cCloud solution, working in conjunction with leading cloud providers, provides access to key network analytics, metadata, and packet data which enables IT AppOps, SecOps, NetOps, and CloudOps to leverage single-pane-of-glass visibility and consistent workflows not just within cloud, but across full hybrid environments.
The Solution The cCloud solution is a set of tightly integrated services, each contributing towards the value of the overall solution. The first component, cCloud cVu-V is a cloud-native traffic monitoring, processing, and brokering service to cost-effectively, quickly, and reliably feed cloud network traffic to performance and security monitoring tools. Those tools need reliable access to network data as you can only control what you can see. cVu-V not only assures the reliable traffic feed, but it does so through intelligent filtering, replication, and load-balancing while multiplying a single source feed from the cloud provider to multiple destinations, saving costs and enabling visibility you can trust.
The second component, cCloud cStor-V is a cloud-native service for capturing and analyzing the cloud network traffic and storing the packet data to cloud storage. This enriches and complements the job of tools such as threat detection/mitigation, behavioral analytics, cyber-security and application performance monitoring tools which can access cStor-V’s network traffic analysis (NTA) capabilities through progressive drill-down to the flow and packet data levels.
cCloud enables you to: • Access full network traffic
frames/packets for the first-time ever in the public cloud such as AWS and GCP
• Achieve end-to-end single-pane-of-glass visibility in hybrid-IT through the same real-time intelligence in the cloud that is available on-premises
• Perform deep packet inspection on
every packet to facilitate searches for specific hosts, threats, or network compliance deviations
• Have the flexibility of a pay-as-
you-consume model with no strings attached, with full service and support
• Achieve operational efficiency
through scale-as-you-grow cloud flexibility to trigger visibility instances where and how your production workloads migrate or grow
• Simplify network management by
using consistent NetOps , SecOps, AppOps and CloudOps workflows across on-premises and cloud environments
Data Sheet
As the third component, cCloud cClear-V is a cloud-native single-pane-of-glass analytics and visualization service designed for full distributed hybrid environments visibility across branch offices, data centers, and multi-cloud. cClear-V provides a high-level of visibility for every critical link while allowing progressive drilldown to a complete packet-level view of all data. With “business-ready services” views, cClear-V combines detailed performance monitoring, security forensics, and proactive alerts, with rapid real-time data search – allowing issues to be identified quickly. One-click access to network analytics and data, an open platform for easy customization and extraction to other tools, deep packet inspection on every packet on every port, searches for specific hosts, threats, or network compliance deviations and microburst analysis makes cClear-V a favorite of IT teams!
Cloud Visibility Service-Chain
Benefits The cPacket cCloud solution combines a number of key technical features, building upon cPacket’s industry-leading monitoring pedigree, to maximize security and performance analysis-based metrics. The cCloud solution helps organizations deliver on a range of visibility requirements via a powerful combination of benefits, including but not limited to the following:
End-to-End Hybrid/Multi-Cloud Coverage
cPacket cCloud is a true multi-cloud solution supporting Amazon Web Services (AWS) and Google Cloud Platform (GCP) as official partners and integrated solutions. Additionally, the cPacket solution is a complete hybrid solution extending to branch offices and data centers, supporting Cisco NFVIS, VMware ESXi and KVM environments; therefore providing a single-pane-of-glass visibility. Pay-as-you-Consume Flexibility
The cCloud cloud-native solution offers the same capabilities and features as its on-premises counterpart with added flexibility of pay-as-you-consume and scale-as-you-grow using the cloud consumption-based billing model. You can create cCloud VaaS instances on-demand on an hourly, weekly, or monthly basis or simply use bring-your-own-license (BYOL) feature with your preferred CapEx (perpetual) or OpEx (subscription) license to keep control on your IT spending.
Consistent Workflow Simplicity
The access to packet/flow data on-premises and now in the cloud allows IT instrumentation teams to leverage consistent workflows for the NetOps, SecOps, CloudOps, and AppOps related transactional and data mining. With cCloud, it does not matter where the workloads or service components are hosted because you get a consistent experience in collecting, analyzing, and reporting the data.
Open Architecture Integration
The cCloud solution’s open architecture is designed to be integrated with other tools. With an open architecture, cCloud can easily interface with third party analytics and security applications. Additionally, other applications can run alongside cCloud, leveraging existing infrastructure and maximizing flexibility. This is particularly useful to augment virtual security tools such as firewalls, IPS, IDS, DDoS, and SIEM to capture and retain packet data associated with important IOC for investigation.
Deployment and Use Case
cPacket cCloud comprises of a cloud-native software-only solution that can be deployed in a public cloud using BYOL (Bring Your Own License) or consumption-based CapEx/OpEx licensing models. cCloud has a multi-cloud support roadmap and is currently deployable in AWS and GCP integrating with their respective VPC traffic-mirroring services which provides access to network packet data.
Reference Design for Hybrid Visibility Across On-Premises and Cloud
Traffic mirroring duplicates the traffic from Amazon Elastic Compute Cloud (Amazon EC2) or Google compute instances within a VPC and forwards it to performance and security monitoring tools via cCloud. cPacket cCloud allows deep inspection, threat investigation, performance, and capacity planning. With cCloud, customers can natively replicate and monitor network traffic to their tools within their VPC, and further cut the complexity and cost of using forwarding agents or container-based sensors. The result is simplicity, elasticity, and cost savings. To learn more, visit www.cpacket.com
Key Features: cCloud cClear-V cVu-V cStor-V Single-Pane-of-Glass Analytics/Dashboards Yes Fully Integrated Workflows Yes Millisecond Analytics Yes Global Search Yes Data Correlation and Baselining Yes Open API Yes Traffic Aggregation/Replication Yes Packet Slicing/Truncation Yes VXLAN/MPLS/VNTag Stripping Yes
VLAN Tag with Inner VLAN Filtering Yes
Filtering Yes
Packet Deduplication Yes
MAC-in-MAC DC Decapsulation Yes
Role-Based Administration Yes
Software Upgrade/Restore Yes
GUI, Serial Console and CLI Yes
SNMPv2c and MIB Yes
TACACS+/RADIUS Authentication Yes
Time Stamping Yes Yes**
Packet Indexing Yes
Fast/Expedited Querying Yes
Flow Information Yes
Latency/Jitter Analysis Yes
TCP Analysis Yes
Real-Time Analysis Yes
Multicast Video Analysis Yes
Financial Protocol(s) Analysis Yes
Multiple Capture Merge Yes
cClear-V SPoG Analytics Engine Integration Yes Yes
* Projections only. Final specs available by General Availability (GA) and subject to change ** With cPacket cVu-V integration Performance Tiers and Specs: Supported on any AWS nitro-enabled instances and GCP instances with VPC Traffic-Mirroring feature:
cCloud cClear-V cVu-V 1 cVu-V 10 cStor-V 1 cStor-V 10 Tools/Targets/Ports N/A 10* 25* N/A N/A
Captures per Instance N/A N/A N/A 1* 1*
Monitoring/Capture Rate N/A < 1 Gbps* < 10 Gbps* < 1 Gbps* < 10 Gbps*
Cloud Compute m5.xlarge m5.xlarge m5.2xlarge m5.xlarge m5.2xlarge
vCPU 4 4 8 4 8
Memory 16 GB 16 GB 32 GB 16 GB 32 GB
Bandwidth < 10 Gbps < 10 Gbps < 10 Gbps < 10 Gbps < 10 Gbps
Default Cloud Storage N/A N/A N/A 50 GB 50 GB
Maximum Cloud Storage N/A N/A N/A 8 TB 16 TB
Technical Specifications
Refer to AWS or Google Cloud Market Place(s) for usage/consumption-based pricing. Below is the ordering information for BYOL subscription SKUs:
Service Instance Description
CP_CVU_V_1_10_SUB cVu-V virtual appliance 1-year subscription license (single instance) supporting 10 virtual ports at up to 1Gbps aggregate monitoring throughput. Gold level maintenance included.
CP_CVU_V_10_25_SUB cVu-V virtual appliance 1-year subscription license (single instance) supporting 25 virtual ports at up to 10Gbps aggregate monitoring throughput. Gold level maintenance included.
CP_CSTOR_V_1_8TB_SUB cStor-V virtual appliance 1-year subscription license (single instance) supporting up to 1Gbps capture-to-disk rate and up to 8TB virtual storage space (upgradable). Gold level maintenance included.
CP_CSTOR_V_10_16TB_SUB cStor-V virtual appliance 1-year subscription license (single instance) supporting up to 10Gbps capture-to-disk rate and up to 16TB virtual storage space (upgradable). Gold level maintenance included.
CP_CCLEAR_V_SUB cClear-V virtual appliance 1-year subscription license (single instance). Gold level maintenance included.
CP_CCLEAR_CON Annual license to connect with cClear appliance or cClear-V software instance at 3% of the list price of the connected device
About cPacket Networks cPacket Networks delivers visibility you can trust through network monitoring and packet brokering solutions to solve today’s biggest network challenges. Our cutting-edge technology enables network and security teams to proactively identify issues in real-time before negatively impacting end-users. Only cPacket inspects all the packets delivering the right data to the right tools at the right time and provides detailed network analytics dashboards. Whether you need greater network visibility for security tools or performance monitoring tools, our solutions are designed to overcome scalability issues and reduce troubleshooting time. The result: increased security, reduced complexity, with lower costs, and a faster ROI. Based in Silicon Valley, CA, cPacket enables organizations around the world to keep their business running. Leading enterprises, service providers, healthcare organizations, and governments rely on cPacket solutions for improved agility, higher performance, and greater efficiency. Learn more at www.cpacket.com, the cPacket blog, or follow us on Twitter, LinkedIn, and Facebook. cPacket, cPacket Networks, cCloud, cClear, cClear-V, cVu, cVu-V, cStor, cStor-V, cTap, SPIFEE, Distributed Monitoring Architecture, and Integrated Monitoring Fabric are trademarks or registered trademarks of cPacket Networks.
Ordering Information
