NetEnforcer and NetReality Products
Download
Report
Transcript NetEnforcer and NetReality Products
Allot Communications
NetReality™ Product Overview
NetReality overview
NetReality controls the assignment of bandwidth, ensuring
delivery of critical applications
Dedicated monitoring and traffic shaping device with central
management software
Integrated software & hardware solution
WAN based or LAN based multi service platform – one
device, multiple functions:
7-layer real time and historical monitoring, traffic shaping, SLM,
CSU/DSU functionality, Accounting, Security, VoIP management
2
NetReality overview
Without NetReality:
Bandwidth is used inefficiently, creating uneven
traffic flow, and dropped packets.
Business suffers while non-critical applications crowd
out critical ones.
With NetReality:
Assignment of bandwidth is controlled, ensuring
delivery of critical applications
3
Key Principles Behind NetReality
The WAN edge is the site of critical network
application exposure – the bottleneck.
NetReality WAN based platform protects the site of
greatest bandwidth constriction
scalable architecture: The NetReality system uses a
central monitoring and policy management system
with distributed remote devices, performing as both
probes and shaping policy execution points
User friendly, point & click, JAVA based Graphical
User Interface
4
NetReality System Architecture
The NetReality system is comprised of three basic
modules:
NetReality WiseWan Devices
NetReality Server and Database - Central
management server built on top of an industry
standard SQL database
NetReality Console (GUI)
5
NetReality System Architecture
HQ
Router
CSU
WiseWan
Traffic Data sent
Using Compressed
SNMP
WAN
CSU
NetReality Server and
Database
Router
Site A
6
NetReality System Architecture
TCP/IP
SQL Queries
HQ
Console
Router
CSU
WiseWan
Reports
Generated in
Console
WAN
CSU
NetReality Server and
Database
Router
Console
Site A
7
NetReality System Architecture
Policy Stored
in Database
Shaping
Policy
Update
HQ
Router
CSU
WiseWan
WAN
CSU
NetReality Server and
Database
Router
Console
Site A
8
NetReality System Architecture
Policy Stored
in Database
HQ
Router
CSU
WiseWan
Policy Distributed
automatically
WAN
CSU
NetReality Server and
Database
Router
Console
Site A
9
NetReality Benefits
Ease of Installation:
Fully automated install scripts for software
installation
Modest system requirements
WiseWan devices use auto-detect features to allow
very simple installation on the WAN link
Multiple remote management functions available
after installation
10
NetReality WiseWan
The WiseWan is a dedicated hardware device located
on the WAN edge.
It functions as a QoS Policy Execution Point,
manipulating the traffic on the link to conform to the
corporate policies
In addition the WiseWan functions as a remote probe
monitoring traffic at all 7 layers
The WiseWan Classifies more than 700 applications
and protocols and performs deep packet inspection
classification based on content
11
NetReality WiseWan
The WiseWan is a powerful network device, with
multiple CPU architecture
Based on an industry standard real time operating
system - VXworks
Remote management of the unit is done through the
standard WanXplorer console
Supports telnet, SNMP and FTP version download for
maintenance
12
NetReality WiseWan
The WiseWan is an SNMP agent:
Generates standard traps to alarm on events in the network
RMON2, MIB2, FR-MIB and other standards compliant
(Concord support)
compressed statistics are transmitted to the WanXplorer
database using SNMP with a private MIB – reducing the
telemetry overhead up to 5% of typical RMON2 solutions
2 management connection options:
10/100 Ethernet side-band IP connection
10/100 Ethernet or on-the-WAN in-band IP
connection
13
NetReality WiseWan
Multiple WAN & LAN Interfaces:
Low speed serial lines – up to 12 mbps (V.35, X.21,
X.24, RS232, EIA530, RS449)
High Speed Serial Interface (HSSI) – up to 52 mbps
Native DS1 E1/T1 lines – 4 wire (BNC, RJ48, DB15)
CSU/DSU Model (DS1 and Serial)
Channellized T1/E1
10/100 BaseT Ethernet
14
WiseCable
The WiseWan WiseCable is an
intelligent cable that
bypasses any power failure
or hardware breakdown. In
such an event, the
WiseCable ensures that the
data continues to flow on
the line by detaching the
WiseWan from the network
as soon as a breakdown
occurs. The network
continues to operate
smoothly until WiseWan is
operational again.
15
WAN Network
CSU/DSU (DB-25
male connector)
WAN Network
Router side
(DB-25 female
connector)
WiseCable for
G703 (RJ-48)
Balanced TEM
RJ-48 connectors
DB-60M to
WiseWan WAN port
WiseCablefor
G703 coaxial
Unbalanced TEM
4 BNC connectors
NetReality WiseWan
Serial Connection
16
NetReality WiseWan
Inline T1 Connection
17
NetReality WiseWan
CSU DSU Connection
18
NetReality WiseWan
On The WAN Solution
ERRORS
FECN
FECN
19
BECN
BECN
CIR
CIR
NetReality WiseWan
LAN Product
Can see all traffic on star topology
networks ?
Can see WAN circuits - Frame Relay,
channellized E1/T1 ?
Can monitor WAN layer 1 & 2 - errors,
performance, congestion ?
Can have QoS adaptive to WAN circuit
congestion ?
Can be managed from the WAN
without LAN access ?
Supports multiple LANs in a router
with one device ?
Can handle router based VoIP/SNA
gateways ?
20
r
r
r
r
r
r
r
WAN Product
NetReality WiseWan
PBX
WiseWan
The VoIP Advantage
VoIP Traffic
Router
LAN Shapers
LAN
21
Serial V.35, X.21
DSU
WAN
NetReality WiseWan
Deep Packet
Inspection
Application
HTTP analysis for URL and
MIME type, Citrix – Application over
MetaFrame, Oracle SQLNET info,
H.323 call information…
Transport
700+ Applications over IP and
IPX including dynamic port tracking
TCP,UDP,SPX, ICMP…
Network
IP, IPX, DECNET, SNA, APTLK …
Link
Frame Relay, PPP , HDLC …
Physical
T1 ,E1 ,CHE1/T1 ,G.703 ,V.35 , X.21…
WAN ONLY
22
NetReality Server
Central management software running on Sun/Solaris
2.51, 2.6, 2.7, 2.8 or MS Windows NT 4.0 or Windows
2000
using an industry standard SQL database – Sybase is
included and embedded in the product
Enables easy integration with third party applications
The database is self-managed; therefore database
system administrator intervention is not required – it
will perform automatic database management, backup,
data aging and purging
This integrated database extensively and periodically
polls the WiseWan NAPSs it manages, and inserts the
information into the database
23
NetReality Server
WanXplorer features include:
Management of multiple NAPSs from one central
location
Integration with leading management platforms,
such as HPOV and CiscoWorks
Acts as the Policy Server (PDP) for the WiseWan
devices – The servers is a central data repository for
the system - statistics, configuration, shaping policies
Allows distributed deployment across multiple server
to enhance performance and scalability
24
NetReality Console
Java based, platform independent application - Unix,
NT, Win95/98/2000
Pure client - connects to the NetReality server, does
not store anything on the client station
Can be launched from a web browser or as a native
Java run time program
Provides reports based on statistics from the
database for viewing or export
Acts as the event console for all system and network
events detected by WiseWan
25
NetReality Console
Multiple consoles, can reside anywhere on the
network
Easy to use, point and click GUI, with both graphical
and textual views, and drill down capabilities
Password protected to restrict access - Embedded
security with multiple access levels for different users
and groups
Integrates with HP/OV NNM
26
NetReality Monitoring
Measuring the real bandwidth on the WAN
The available bandwidth on public networks varies
continuously, and may be below, at, or above the
bandwidth the carrier agreed to deliver (in FrameRelay - the CIR)
The WiseWan can analyze the circuit performance
and report back to the user
Real time monitoring and analysis for troubleshooting
purposes
Long term storage of all monitoring data for History
analysis and capacity planning
27
NetReality Monitoring
Line utilization, errors and bursts
Frame Relay analysis:
Congestion - FECN , BECN
PVC performance (can you reach your CIR)
Response time measurement per PVC
PVC Usage
Protocol / Application / Host distribution analysis
Conversation monitoring: top hosts, talkers and
listeners, application bandwidth distribution per
session
28
NetReality Monitoring
29
NetReality Monitoring
30
NetReality Monitoring
31
NetReality Monitoring
32
NetReality Monitoring
Line and PVC Service Level Agreement:
Availability
Mean Time Between Failures
Mean Time To Repair
Response time average and breaches
Frame Relay congestion breaches (BECN below CIR)
Summery and detailed failure reports available
33
NetReality Monitoring
34
WanTel
Enhanced management and control facilities for
voice-over-IP H.323 and SIP traffic
WanTel enables NetReality WiseWan to recognize
VoIP traffic, and perform monitoring and traffic
shaping of that traffic
WiseWan will distinguish between voice, video and
data sessions, as well as RAS, RTP (Real Time
Protocol) and RTCP (Real Time Control Protocol)
conversations
WanTel is an add-on for the WiseWan product family,
requiring an additional license for usage
35
WanTel
Used to monitor and shape VoIP traffic
WanXplorer provides reports for VoIP in Real-time
and History. This includes information regarding VoIP
PBX statistics (call and signaling information) and a
detailed calls report
The traffic shaper can guarantee bandwidth or limit
the number of voice calls, Prioritizing voice and data
transmissions for best bandwidth utilization
36
WanTel
37
WanAccountant
Application usage accounting tool for Frame Relay and
IP networks, Works in conjunction with the WiseWan
server management system
Enables allocation of WAN charges to enterprise users
based on service level criteria
Tracks usage by applications or groups of applications;
application servers or application server groups;
departments or business units and even time-of-day
WanAccountant is an add-on for the WiseWan product
family, requiring an additional license for usage
38
WanAccountant
39
Classification and Prioritization
Shaping policies are configured by the user using a
point and click central policy console, and then
distributed to the WiseWans
WiseWans use advanced protocol and application
decoding to classify the traffic in wire speed and
determine if shaping is necessary
Traffic to be shaped will be queued by priorities
WiseWan releases the frames back at line speed, but
different order - according to policy
Low priority sessions will be delayed and slowed
down, high priority sessions will be accelerated
40
Traffic Classification
Applications and Protocol
Support for more than 700 protocols and applications, including
recognition of some applications using dynamic ports, user defined
applications, and application header information – Citrix Published
apps, Oracle information, HTTP URL and MIME type
Direction
Server and Client
Host
Source and destination: Hosts, networks, IP subnets and user
groups, by defining their IP or IPX address
Schedule
Time of day, day of week
Circuit
Line or DLCI that the policy needs to be applied on
41
WiseWan Policy
42
Traffic Shaping
Traffic shaping actions:
Prioritization - the priority level of the rule by using the 6level slider. The range is: Pass through, High, MediumHigh, Medium, Low, and Block. Pass through allows
data to be transmitted with highest priority with no
constraints. Block prevents all data from being transmitted
Bandwidth guarantee - minimum amount of bandwidth that
this conversation/class should be guaranteed to
Bandwidth limit - maximum amount of bandwidth
consumption that you want this conversation/class to
consume
DiffServ Tagging – overwrite the DiffServ tag with a custom
tag based on it’s calssification
43
WiseWan Bandwidth Policy
Editor
44
Shaping Per PVC
The Shaping Per PVC functionality allows WiseWan to
guarantee bandwidth for congested PVCs regardless of the
overall line congestion
All WiseWan NAPS systems are defined by default for shaping
per PVC.
How Shaping Works - The user defines the Committed
Information Rate (CIR) and the Maximum Information Rate
(MIR) for each DLCI
Shaping is triggered when traffic utilization on the PVC reaches
~85% of the MIR, and shaping stops when utilization drops
below 60%
Limits always work
45
WiseWan Shaping per PVC
46
Scheduled Reports
NetReality console includes the ability to configure
reports that will be created automatically
Choose report type, object to be generated on
Report format (Various HTML templates, PDF, applet,
CSV)
Customize reports to be generated (Graph type etc)
Interval for report creation (hourly, daily etc)
Time frame for report (hourly, daily etc)
Target directory to publish the report to
47
Event Notification
NetReality Console will allow the user to define which
events (line up/down, high utilization etc) will trigger
notifications
Filter events by different parameters
Define timeouts for event notification
Forward events to email, pager
Launch scripts as reaction to events
Customize event notification message format
48
Product Family
All WiseWan Systems
come complete with:
- WiseWan Device
- Cables
- Server and Database
software
- Client Software
Some models available
as rack-mount or desktop
models, Serial line, in-line
DS1, CSU/DSU, or
Ethernet (Broadband)
models
49
WiseWan 50: 128kbps
WiseWan 100: up to 512 kbps
WiseWan 200: up to 2mbps
WiseWan 230: Channellized T1/E1
WiseWan 400: up to 12 mbps
WiseWan 600: up to 52 mbps
WiseWan 1001: up to 100 mbps
Add-on software modules
WanTel Voice over IP
WanAccountant
Competitive Landscape
BW
Mangment
(min/max)
50
Application
Priority
WAN
Monitoring/
Shaping
Centralized
Reporting/
Pol Mgmnt
NetReality
√
√
√ /√
√ /√
NetEnforcer
/ NetPolicy
√
√
-/-
√/-
Packeteer
√
√
-/-
√ /√
Sitara
√
√
-/-
√ /√
Visual
Networks
-
-
√/-
√/-
NetScout
-
-
√/-
√/-
Market Segmentation
Enterprise
WAN BW
Mangment
51
Enterprise
Application
Priority
Enterprise ISP (CPE)
WAN Mon/ WAN Mon/
Shaping
Shaping
NetReality
√
√
√ /√
√ /√
NetEnforcer
/ NetPolicy
√
√
-/-
-/-
Packeteer
√
√
-/-
-/-
Sitara
√
√
-/-
-/-
Visual
Networks
-
-
√/-
√/-
NetScout
-
-
√/-
√/-
IDC on SLA
Today’s cost-conscious IT managers
are monitoring SLAs and the
utilization of bandwidth as a way to
optimize their relationships with
carriers based on changes in their
business, such as layoffs and
downsized ecommerce initiatives,
or simply making sense of overprovisioning practices
52
Contact Details
Americas
Europe, Middle East and Africa
Japan
250 Prairie Center Drive #335
World Trade Center
Nishi Ginza Bldg 2F
Eden Prairie, MN 55344
1300, Route Des Cretes
5-5-9 Ginza Chuo-ku
Tel: (952) 944-3100
BP 255 Sophia Antipolis Cedex
Tokyo 104-0061, Japan
Fax: (952) 944-3555
France 06905
Tel: 81 3 5537-7114
Tel: 33-(0)4-92-38-80-27
Fax: 81 3 5537-5281
www.allot.com
[email protected]
24/7 Support:
1-800-204-1364
53
Fax: 33-(0)4-92-38-80-33
International HQ
Asia Pacific
5 Hanagar Street
9 Raffles Place
Hod Hasharon, 45800
Republic Plaza #27-01
Israel
Singapore 048619
Tel: 972-(0)9-761-9200
Tel: 65-6832-5663
Fax: 972-(0)9-744-3626
Fax: 65-6832-5662