The SDx (software defined everything) trend is continuing to change how networks work. Visibility needs change as organizations transform their data centers to use more white box or non-proprietary hardware, with software as the defining capability to drive their functions. Visibility needs to be flexible, intelligent, and centrally managed, to parallel how the network is managed.
Just as software defined network (SDN) controller serves to configure a network, Ixia Fabric Controller (IFC) is an SDx controller for visibility available for through Ixia’s Vision portfolio of network packet brokers (NPBs). A highly available, resilient and easy-to-use intelligent monitoring platform, IFC works across physical and virtual network environments to provide software defined visibility (SDV) helping to accelerate application delivery.
The benefits of IFC include:
- Effective troubleshooting for enhanced network security, application performance, and SLA fulfillment
- Centralized network visibility management and operational control via a single pane of glass
- Scales monitored segments and tools without increasing management overhead
- Cost-effective visibility deployment that is easy to change as networks evolve, to ensure networks are properly secured and managed
- Open API’s for seamless integration with SDN Controllers, including Cisco ACI
A security and monitoring fabric
Like an SDN controller does for a network, Ixia Fabric Controller (IFC) provides centralized management of your Vision network packet brokers (NPBs). With IFC, multiple Vision NPBs can be connected to create a security and monitoring fabric that operates as a single, cohesive layer that sits between the network and security and monitoring tools. This centralized, single fabric offers resilience, flexibility, and scalability for your network.
Ixia Fabric Controller Features
- Single Interface
- Centralized Management
- SDN Ready
- Smart Fabric
- Multiple Topologies
- Modes of Operation
Single Interface (SINGLE PANE OF GLASS)
Ixia Fabric Controller (IFC) provides central management across many network packet brokers (NPBs) and does it with Ixia's well-known easy-to-use drag-and-drop interface. The management interface has the same intuitive network (data center, cloud, etc.) to tools (security, monitoring, etc.) layout. Moreover, all ports or interconnects are viewable in a single pane of glass.
As shown on the right, the ports of Vision NPBs connected through IFC, are shown on one screen. This makes it easy to manage connections and rules. Data, regardless of where in the network it comes from, can be centrally aggregated, filtered, and processed for tools through a single set of security and monitoring policies. Moreover, Ixia's dynamic filter compiler automatically resolves overlapping filter rules instantaneously to ensure consistency and to prevent network blind spots.
More importantly, this means all the NPBs operate together as a single, smart, resilient security and monitoring fabric. A single view and a single control of operations ensures you can manage visibility and troubleshoot issues when they occur.
A single interface for management means centralized management of all visibility, at any scale. Just like SDN does for a software defined data center (SDDC), Ixia Fabric Controller (IFC) simplifies managing visibility.
With IFC, extending visibility to new racks and nodes to your data center is simple. Connections can be re-configured point-and-click and new network packet brokers, anywhere in the network, can be added with a couple clicks. These seamless ensure no packets are lost.
SDN also facilitates visibility management across many locations - you can use a centralized set of network security and monitoring tools at a single geographic location, but have it service your entire, distributed infrastructure without dropping packets. This cost-effective approach ensures you are getting the most out of your tools without compromising consistent security and monitoring.
IFC also offers Open APIs for seamless integration with SDN Controllers — so managing your network becomes even easier. Rules and configuration are seamlessly applied from your network to your visibility solution.
Ixia Fabric Controller is SDN-Ready — it is able to perform as a fully automated, integrated visibility platform for SDN controllers (e.g. Cisco APIC). To achieve an integration like this, a visibility solution must be able to act as a fully stateful participant in a larger SDN control and orchestration layer. This means when changes are made via an SDN controller in a data center or network, those changes are communicated to and executed by visibility fabric, where they are resolved automatically, without human intervention. To achieve this seamless execution, the visibility fabric must be capable of the following:
- Being fully controlled by a parent SDN controller in an environment
- Seeing all data, including inter-Virtual Machine data and encapsulated traffic
- Instantiating new visibility resources programmatically and on-demand
- Easily displaying filter rules and definition for IT teams to Manage, without requiring the original author
- Adhering to a zero packet loss guarantee for line rate speeds and regardless of traffic pattern
IFC meets each of these criteria.
Ixia Fabric Controller creates a smart fabric. This means that adding a network packet broker, configuring ports, and managing visibility is easy and automated. Adding a network packet broker is as easy as adding its IP address - from there, IFC auto-discovers it on the network and adds it to the fabric. The ports appear in the interface, seamlessly linked in and usable for rule configuration within minutes. The fabric knows the correct connections between network ports and tool ports, independent of which physical chassis a port is actually located. Again, this mitigates the potential for error and makes configuration and changes easy.
With the smart fabric, Ixia's visibility intelligence capability - NetStack, PacketStack, SecureStack and AppStack — resources can be used across the fabric, regardless of which chassis has the physical resource. This makes it easy to operate across multiple sites, providing the centralized management required of modern networks.
IFC uniquely offers many topologies, so you have flexibility in managing your network.
- Spine and Leaf (or Tree): In this format, the branches of the tree typically aggregate data up to the core, or trunk. This is applicable in hyperscale or large data centers where data must be aggregated, filtered and deduplicated before it can be sent to security and monitoring tools.
- Mesh: In this format, network packet brokers are connected to multiple other packet brokers. This provides flexibility in data routing as well as redundancy for resilience in the fabric.
- Linear: In this format, data can be routed through multiple locations to a final location. This is applicable when varying tools sit at multiple locations.
- Hub and Spoke: One of the simplest of models, it allow for a central tool "farm" to be used by satellite locations.
Mode of Operation
Ixia Fabric Controller can be used in two modes. In peering and aggregation, many Vision network packet brokers connected as a smart, security and monitoring fabric. This provides for the ultimate in flexibility and agility for visibility management. All visibility and packet brokers are managed through a single interface with Ixia's dynamic filter compiler ensuring automatic resolution of overlapping rules. This mode is capable of multiple topologies and offers complete centralized visibility.
Ixia has also made it easy for those looking for an entry-level solution, with the integration with select Cisco Nexus 3000/9000 switches. This can be used in a leaf-spine setup topology in which the Cisco switches aggregate and a Vision network packet broker then filters data before sending to security and monitoring tools.
SDN solves a lot of challenges for the end-to-end network environment. You need 100% visibility in your network and Ixia solutions provide a single pane of glass to help you gain end-to-end visibility and glean intelligent insights across your network, physical or virtual. IFC architecture provides the answer to SDN-enabled visibility, by enabling centralized, intelligent monitoring across your physical and virtual network environments. The distributed architecture gives network administrators access to traffic that can be sent to monitoring and diagnostic tools from any point in physical, virtual, and SDN networks. Ixia Fabric Controller helps accelerate application delivery and enables effective troubleshooting for enhanced network security, application performance, and SLA fulfillment.
IFC solves some of the biggest challenges facing network administrators – rapidly increasing scale, flexible deployments, and the need for application and security monitoring spanning the entire network. IFC enables you to see everything on one pane of glass for managing multiple Vision NPBs while retaining the easiest-to-use drag-and-drop interface in the industry, allowing complete visibility management with no special training or preparation.
IFC is Easy to Use
- Distributed Access
- Add network packet brokers
- Choose ports and speeds
- manage all visibility
Ixia Fabric Controller is not only easy-to-use, it is easy to deploy and setup.
IFC allows distributed access. You can Tap from anywhere in a network, and connect it to a Vision network packet broker (NPB) which has IFC enabled.That data stream can then be managed through the single interface.
To create a fabric, enable IFC licenses on Vision network packet brokers. Connect the ports that are to be used in the security and monitoring fabric. Then, in the IFC console, select "Topology view login" and add the IP address of any additional network packet brokers.
Select the ports to be used (the ones that were connected), as well as the speeds for the ports. Then, IFC will show all the ports in a single interface.
Now, manage all visibility in a single interface.
- You can send data accessed from anywhere to tools in a central location or across locations.
- Apply Ixia's visibility intelligence capability — NetStack, PacketStack, SecureStack and AppStack — resources can be used across the fabric, regardless of which chassis has the physical resource.
Visibility management is simplified.