FileNewTemplate

SDN and Advanced Network AnalyticsDave Ginsburg, CMOThe Network Hypervisor

CIO Top of Mind / Priorities: Security and Visibility

Bare Metal

Push security all the way into the data centerActive / self-defending and distributedMulti-layer - secure the exterior and the interiorMonitoring and visibility into overlay and underlayCommon toolsEliminate duplicate architecture for tapsApply services to 100%, not 20%

Protect your companys reputation - eliminate data lossMore capability for NetOps without retrainingSecurity identified as area of greatest new funding in 2015

Fabric Applications

Pluribus Core Technology: Netvisor Network OS for merchant silicon platforms

Runs on white box, brite box and wedge style platforms

L2 or IP/BGP Fabric

Fabric ApplicationsBringing Hyper-Convergence To The NetworkSimplify InfrastructureReduce time to deployRun any application @ scale

ComputeStorage

Compute & Storage

Simplify InfrastructureReduce time to deployRun network virtual services w/ HW off-load (reduce appliance sprawl)StorageCompute

Network FabricNetwork

Network As A True Extension of Compute

Traditional Switch

SDN Server-Switch ODM/OCP white box

SwitchChipNetvisor

SDN Hyper-Converged SwitchNetvisor Leaf-Spine POD Architectures

IP

L2Up to 28 racks w/ E28Q-L

Up to 28 racks w/ E28Q-L

L2 + Fabric Cluster++ Single pt of mgmt++ Broadcast-free fabric ++ Fabric-wide visibility (ports, VMs)++ Single pt of mgmt ++ Fabric-wide visibility (ports, VMs)

IP + Fabric Cluster

Bare Metal

North-South Traditional Security PerimeterAs low as ~20% of the trafficSecure VMsLimited/no security for mare metal computeNetwork Fabric: Limited/No security for East-West trafficAs high as ~80% of trafficFabric value in monitoring and visibilitybut a separate monitoring fabric is requiredSecurity As A Layered Architecture: Current

Bare Metal

E-W/N-S visibility of services/apps Forensic analysis, auditing, security (flow filtering w/ packet capture)Capacity planning (network utilization, traffic patterns, hot-spots)Optional addition of virtual firewalls within fabric for east-west and in-rack securityEliminate taps and separate visibility fabric!Security As A Layered Architecture: Integrated Client-Server Connection Flow Analytics Client-server conversations, Top talkers, Top listeners, SYN-flood attack monitoring

Application-aware Flow Analytics Fabric BW by applications, application latency

Server VM/Overlay visibility VM traffic connection analysis/mobility

Forensic Data RecorderForensic analysis, compliance, capacity planning, troubleshooting

Fabric Sniffer Full flow packet capture with filtering. Store flow packets in PCAP format. Onboard wireshark. Netvisor Tap-Free inFabric Analytics

Analytics Deployment For Brownfield Networks

Production Network3rd party ToolsNetwork MonitoringApplication MonitoringSecurity ToolsUC/VoIP MonitoringNetvisor Visibility FabricSpan/TapsIntelligent Packet Broker:Tap Aggregation + Full Flow Analytics & Forensic Data Recording

demo

DDoS Demo

Thank You!www.pluribusnetworks.com