We're going to be able to ask our

computers to monitor things for us,

and when certain conditions happen,

the computers will take certain

actions and inform us after the fact.

~ Steve Jobs

Network Packet Monitoring Optimizations Powered By SDN

Dharmraj Jhatakia, GM & Head of Data Centre Technologies Happiest Minds Technologies Private Ltd

Overview of Network Monitoring

Quick Recall on Techniques of Network Monitoring

• Active Probing – Injecting special packets

• Device Probing – Querying for device properties e.g. SNMP

• Log Analysis – Analysis of system generated data

• Flow Collection – Flow level data analysis - NetFlow.

• Packet Monitoring – Most advanced, packet level, granular monitoring technique

Why Monitor ?

• Recording of conversations

• Next Generation Firewalls, IDS, IPS

• Lawful Interception by Telecom Service Providers

• Proactive Network Performance tuning

Typical Deployment

MonitoringFunction

Original Data

Replicated Data

MgmntConnect

Inline Monitroing

SDN Powered Packet Monitoring

Challenges of Today’s Data Centre

• Virtualized Work Flow and challenges with VM movements

• Redundancy and Availability at Low Cost

• Optimal usage of capacity for production traffic

• Contention for limited SPAN ports

SDN enabled monitoringdeployment

VM Migration Use Case

VM is hosted onServer Rack 1

VM Migration Use Case

VM is hosted onServer Rack 1

MD3

SWBSWE

SWFSWA

Traffic Originating fromVM and destined toSwitch F is being monitored on MD3.

VM Migration Use Case

VM Migrates toServer Rack 2

SWE

SWF

MD3

SWB

SWA

SWD

VM Migration Use Case

New PktIn From Switch D to SDN Controller

MD2 Enabled

MD3

SWBSWE

SWFSWA

SWD

MD2

SWBSWE

SWFSWA

SWD

MD2

Mirroring on SWB disabled

Monitoring on MD3 Disabled

Optimizing Distributed Monitoring - Fail Safe

Optimizing Distributed Monitoring - Conservation

Efficient Capacity UsageOn Demand Mirroring• Traditional monitoring system use primitive filters and

hence replicate lot of unnecessary traffic

• SDN & DPI can help us perform on demand monitoring

• For example: Enabling Monitoring only for VOIP traffic from a particular source

• PktIN received at controller can be sent to DPI engine which computes the resultant action

• The controller, based on the action, performs the configuration and hence an optimal on demand monitoring

Business Benefits of SDN Powered Packet Monitoring

Why would they Care for SDN enabled Monitoring?

• Enterprises and CIOs

• Capex savings – Monitoring solution deployed using WhiteBoxSwitches, ODL controller, and a variety of free tools

• Opex savings distribution of monitoring functions without replication

• For Existing Monitoring Solutions Vendors

• Offer scale as you go / pay as you go models

• Ability to break into price sensitive customers

• Allow to focus on feature rich solutions and

advanced applications

Who and Why Do they Care for SDN enabled Monitoring?

• For Start Ups

• Focus on building innovative solutions and reducing time to market

• For ISPs

• Agility and flexibility of offering monitoring services

• Newer business models

Case StudyHappiest Minds Co-Creation with a leader in Packet Monitoring

Our Visionary Customer’s approach

• Customer, one of the top players in Packet Monitoring solutions, wanted to offer a new monitoring solution which is based on bare metal switches and SDN controller. [

• Customer evaluated multiple options, but nailed down on OpenDayLight as the controller

• Wide range of platform features which can speed up implementation

• Flexibility and Robustness

• Ability to leverage the contributions from a

very smart community of developers

Happiest Minds’ Contribution to the Solution

• Customization and hardening of security

• Customization of the ODL modules

• Development of monitoring function SDN applications

• Transformation of the Monitoring application, which is the core IP of the customer, to an SDN Application

THANK YOU