The SDx (software defined everything) trend is continuing to change how networks work. As organizations transform their data centers to use more white box or non-proprietary hardware, with software as the defining capability to drive their functions, visibility needs change. Visibility needs to be flexible, intelligent and centrally managed, to parallel how the network is managed.
Like a software defined network (SDN) controller serves to configure a network, Ixia Fabric Controller (IFC) is an SDx controller for visibility available for through Ixia’s Vision portfolio of network packet brokers. A highly available, resilient and easy-to-use intelligent monitoring platform, IFC works across physical and virtual network environments to provide software defined visibility (SDV) helping to accelerate application delivery.
The benefits of IFC include:
- Effective troubleshooting for enhanced network security, application performance, and SLA fulfillment
- Centralized network visibility management and operational control via a single pane of glass
- Scales monitored segments and tools without increasing management overhead
- Cost-effective visibility deployment that is easy to change as networks evolve, to ensure networks are properly secured and managed
- Open API’s for seamless integration with SDN Controllers, including Cisco ACI
A security and monitoring fabric
Like an SDN controller does for a network, Ixia Fabric Controller provides centralized management of your Vision network packet brokers. With IFC, multiple Vision network packet brokers can be connected to create a security and monitoring fabric that operates as a single, cohesive layer that sits between the network and security and monitoring tools. This centralized, single fabric offers resilience, flexibility and scalability for your network.
Ixia Fabric Controller Features
- SDN Ready
- Centralized Management
- Single Interface
- Smart Fabric
- Modes of Operation
Ixia Fabric Controller is SDN-Ready. It has the power to represent a global visibility fabric performing as a fully automated visibility platform for SDN controllers, like Cisco APIC. For integration to work, a network visibility fabric must be able to act as in as a fully stateful participant in a larger SDN control and orchestration layer. This means when an orchestration layer requires and executes network element changes, those changes can be told to an SDN-ready visibility fabric where they are resolved automatically and without human intervention. To do this, the visibility fabric must be able to:
- Be fully controlled as a control element of a parent SDN environment
- See all the data, including inter-Virtual Machine Data and traffic inside encapsulation
- Capable of instantiating new visibility resources programmatically and on demand
- Ability for existing filter rule definitions be simple and easily understood at IT teams even when not the original author
- Adhere to a zero packet loss guarantee for speeds up to line rate and regardless of traffic pattern
The hallmark of a software defined data center (SDDC), built with SDN and non-proprietary hardware, is scale or the ability to change at any time. Hardware can be easily swapped out or replaced, additional nodes or racks can be added or subtracted, all without hassle because the software manages it. Ixia Fabric Controller extends this scalability to network visibility - as you adds racks and nodes to your data center, be confident that you can easily connect those racks to your network packet brokers or add new network packet brokers, to ensure you have visibility even as your data center evolves. Moreover, as you add tools or change security and monitoring policies, IFC allows seamless changes, ensuring consistent application. Adding resources, such as network packet brokers or new tools, and configuring security and management policies is easy with IFC.
SDN also facilitates trends such as edge computing in which a smaller, high-density, data center sits closer to end users, the 'edge,' so it can provide a better user experience. However, this edge data center still operates as part of the core network. With IFC you can extend visibility to an edge computing model - use a centralized set of network security and monitoring tools at a single geographic location, but have it service your entire, distributed infrastructure without dropping packets. This cost-effective approach ensures you are getting the most out of your tools without compromising consistent security and monitoring.
IFC also offers Open APIs for seamless integration with SDN Controllers - so managing your network becomes even easier. Rules and configuration are seamlessly applied from your network to your visibility solution.
Single Interface (SINGLE PANE OF GLASS)
Ixia Fabric Controller provides central management across many network packet brokers and does it with Ixia's well-known easy-to-use, drag-and-drop interface. The management interface has the same intuitive network (data center, cloud, etc.) to tools (security, monitoring, etc.) layout. Moreover, all ports or interconnects are viewable in a single pane of glass!
As shown on the right, the ports of Vision network packet brokers (NPBs) connected through IFC, are shown in one screen. This makes it easy to manage connections and rules. Data, regardless of where in the network it comes from, can be centrally aggregated, filtered and processed for tools through a single set of security and monitoring policies. Moreover, Ixia's dynamic filter compiler automatically resolves overlapping filter rules instantaneously, to ensure consistency and to prevent network blind spots.
More importantly, this means all the NPBs operate together as a single, smart, resilient security and monitoring fabric. A single view and a single control of operations ensures you can manage visibility and troubleshoot issues when they occur.
Ixia Fabric Controller creates a smart fabric. This means that adding a network packet broker, configuring ports, and managing visibility is easy and automated. Adding a network packet broker is as easy as adding its IP address - from there, IFC auto-discovers it on the network and adds it to the fabric. The ports appear in the interface, seamlessly linked in and usable for rule configuration within minutes. The fabric knows the correct connections between network ports and tool ports, independent of which physical chassis a port is actually located. Again, this mitigates the potential for error and makes configuration and changes easy.
With the smart fabric, Ixia's visibility intelligence capability - NetStack, PacketStack, SecureStack and AppStack - resources can be used across the fabric, regardless of which chassis has the physical resource. This makes it easy to operate across multiple sites, providing the centralized management required of modern networks.
You can configure your smart fabric with many topologies.
- Spine and Leaf (or Tree): In this format, the branches of the tree typically aggregate data up to the core, or trunk. This is applicable in hyperscale or large data centers where data must be aggregated, filtered and deduplicated before it can be sent to security and monitoring tools.
- Mesh: In this format, network packet brokers are connected to multiple other packet brokers. This provides flexibility in data routing as well as redundancy for resilience in the fabric.
- Linear: In this format, data can be routed through multiple locations to a final location. This is applicable when varying tools sit at multiple locations.
- Hub and Spoke: One of the simplest of models, it allow for a central tool "farm" to be used by satellite locations.
Mode of Operation
Ixia Fabric Controller can be used in two modes. In peering and aggregation, many Vision network packet brokers connected as a smart, security and monitoring fabric. This provides for the ultimate in flexibility and agility for visibility management. All visibility and packet brokers are managed through a single interface with Ixia's dynamic filter compiler ensuring automatic resolution of overlapping rules. This mode is capable of multiple topologies and offers complete centralized visibility.
Ixia has also made it easy for those looking for an entry-level solution, with the integration with select Cisco Nexus 3000/9000 switches. This can be used in a leaf-spine setup topology in which the Cisco switches aggregate and a Vision network packet broker then filters data before sending to security and monitoring tools.
SDN solves a lot of challenges for the end-to-end network environment. You need 100% visibility in your network and Ixia solutions provide a single pane of glass to help you gain end-to-end visibility and glean intelligent insights across your network, physical or virtual. Ixia Fabric Controller (IFC) architecture provides the answer to SDN-enabled visibility, by enabling centralized, intelligent monitoring across your physical and virtual network environments. The distributed architecture gives network administrators access to traffic that can be sent to monitoring and diagnostic tools from any point in physical, virtual, and SDN networks. Ixia Fabric Controller helps accelerate application delivery and enables effective troubleshooting for enhanced network security, application performance, and SLA fulfillment.
IFC solves some of the biggest challenges facing network administrators – rapidly increasing scale, flexible deployments, and the need for application and security monitoring spanning the entire network. IFC enables you to see everything on one pane of glass for managing multiple Vision network packet brokers while retaining the easiest-to-use drag-and-drop interface in the industry, allowing complete visibility management with no special training or preparation.