CGS AFS模組式DPI流量複製器
CGS模組式DPI網路流量複製器,是CGS網路可視化軟體與最先進網路伺服平台高緊密度的結合,提供網路流量複製器從基本到最高階的功能,除了基本封包過濾、匯聚、複製、分流、流量附載平衡之外,利用伺服平台之高效能運算,對封包payload進行深度DPI解析,可以分流如Youtube等串流影音,加上封包切片(Slicing)、去重複封包等高階功能,減低資安設備或網路效能分析設備的負擔,間階提升資安防護能力。
原廠:CGS Tower Networks
CGS模組式DPI網路流量複製器,是CGS網路可視化軟體與最先進網路伺服平台高緊密度的結合,提供網路流量複製器從基本到最高階的功能,除了基本封包過濾、匯聚、複製、分流、流量附載平衡之外,利用伺服平台之高效能運算,對封包payload進行深度DPI解析,可以分流如Youtube等串流影音,加上封包切片(Slicing)、去重複封包等高階功能,減低資安設備或網路效能分析設備的負擔,間階提升資安防護能力。
產品說明
模組化AFS是CGS網絡可視性產品組合的一部分,透過該組合提供正確的流量,和流量提供所需的資料、正確的格式,來優化網路安全和效能監控應用服務。CGS 軟體搭配最先進的網路晶片,通過其統一的可視化體系結構UVA(Unified Visibility Architecture),革新了網路可視化 市場,從而簡化佈署了CGS軟體在最現代、可擴充且功能強大的開放式交換機和網絡設備上,提供了卓越的效能和可擴充性、更廣泛的功能選項,增強的生產力和降低 TCO(Total Cost of Ownership)。
模組化AFS是1U的模組化網路流量複製器(Network Packet Broker),具有更高階的網絡可視化和TAP功能,介面數量可從少量採購擴充到大量配備,速度可從1G到100G。
模組化AFS是1U的模組化網路流量複製器(Network Packet Broker),具有更高階的網絡可視化和TAP功能,介面數量可從少量採購擴充到大量配備,速度可從1G到100G。
| 主要特色 |
| 完整NPB(Network packet broker)功能,包括: De-duplication, layer 7 and regex filtering |
| 基本配備:2 x 10GE SFP+ Ports and 4 x NMC extension slots with Bypass options |
| 高達100G 網路封包處理能力 |
| NMC slot options: 8 x 1G RJ45 Copper Ports with 4 Bypass pairs 8 x 1G RJ45 Copper or 1G SFP Ports 4 x 1G RJ45 Copper + 4 x 1G SFP Ports 4 x 10G SFP+ Ports with 2 Bypass pairs 4 x 10G SFP+ Ports 8 x 10G SFP+ Ports 2 x 25G SFP28 Ports 2 x 40G QSFP Ports + Bypass module option 1 x 100G QSFP28 (Requires two NMC Slots) |
|
Use Cases
|
功能特性
CGS Modular AFS
| 功能 | 效益 |
| Aggregation | Aggregate and redirect network traffic for further processing |
| Replication | Enable multiple tools to analyse the same traffic |
| Inner Tunnel Filtering | Filtering according to inner tunnel parameters (GTP, VXLAN, L2TP) |
| GRE Tunnelling | Interconnect packet brokers across multiple sites with L2/L3GRE protocol |
| Filtering | Filtering out unnecessary network traffic with conditional 5-tuple classifiers |
| User Defined Filters | Track packets that match a certain "window" in the incoming traffic |
| AND/OR/NOT Operators | Simplify packet broker operation with logic filter actions |
| Copy | Enable orthogonal filter paths on the same traffic |
| Layer-7 Filtering | Perform DPI and identify thousands of layer 7 protocols |
| Regex Filtering | Identity and filter traffic that includes specific strings |
| Weighted Load Balancing | Distribute traffic across multiple tools and prevent over-subscription |
| Session Tracking | Track the entire session once the desired pattern has been identified |
| Port Labelling | Track packet path by adding VLAN tags that indicate its ingress port |
| Header Stripping | Remove headers (MPLS, VLAN, PPP, QinQ, VN-TAG, VXLAN, GRE, GTP, L2TP) |
| Header Editing | Modify MAC, VLAN and IP headers |
| Deduplication | Maximize tool performance by eliminating duplicated packets |
| Data Masking | Protect sensitive data by overwriting it before it is sent to the tools |
| Packet Slicing | Reduce data overload by removing packet payload and/or any unnecessary data |
| Capping & Sampling | Reduce traffic by sampling traffic and/or limiting rates |
| Time Stamping | Enhances network visibility with nanosecond time stamping capabilities |
| Capture | Capture PCAP files in filter granularity for further analysis |
| De-Fragmentation | Assemble packet fragments to complete packets |
| IPFIX/NetFlow | Generation and distribution of IPFIX/NetFlow flows |
| Management | Web UI, CLI, SNMP, Net CONF, REST API |
