SmartNA-X 模組式 1/10G 網路流量複製分流器
Nettwork Critical SmartNA-X 10G/1G 是一台高性能的模組式網路流量複製分流器與TAP Switch,可以根據封包的MAC、IP、TCP、VLAN做為流量複製與過濾分流條件,屬於Layer 4的流量複製器,使用者可以選購PacketPro模組,使得本產品可以擴充功能包括packet slicing, header stripping 以及and payload masking,等進階功能,而成為多功能流量複製分流器。SmartNA-X搭載Network Critical最先進的Drag-n-Vu直觀易懂使用者介面,可同時最大port數支援4x 10G + 14x 1G、或2x 10G + 16x 1G的光或電介面,可設定成TAP或Aggregator,各界面之間的分流設定亦支援Any-to-Any,以及封包過濾功能,是業界中少見同時具備性能與彈性的網路分流設備。
SmartNA-X是Network Criticals的最新一代 全模組式、可以照需求設定並提供網路能見度的TAP解決方案,能讓流量由一或多個全雙工的網路輸入port,傳送到多個監控或資安工具上,進行分析。
機架功能(Chassis):
The SmartNA-X 1U chassis 是目前市場上最彈性功能的機箱之一,最大可以安裝4+1個模組在同一個1U的空間中,並可同時搭載TAP與NPB模組。
The SmartNA-X 1U chassis 可以安裝最多8個Link的TAP,並將流量匯聚及過濾後,複製到一個或多個監控埠,或將一個TAP或多個網路來源埠流量,複製給其他14個監控埠,因為每一個TAP模組可以完全經由設定達到需要的分流、複製與過濾功能。
The SmartNA-X chassis 支援5個獨立模組,並具備熱插拔、軟體控制設定功能,模組界面支援電介面(copper)、單模光纖single mode fibre)、多模光纖(multi-mode fibre)、以及SFP/SFP+ 插槽,第一個模組插槽支援1/10-Gbit/s TAP模組(紅色),第二、三、四模組插槽則支援1-Gbit/s TAP模組(藍色),第五個模組插槽位於後方,支援10-Gbit/s TAP模組(2 ports only)。模組上的埠可以自訂為網路埠或監控埠,將網路上TAP或Mirror進來的流量複製給監控工具使用。機箱上有獨立的MGMP管理介面,可提供WEB GUI或Telnet,以及獨立的Console埠,方便使用者管理。
模組功能(Module):
所有’SmartNA-X modules皆可以軟體設定,以符合監控工具的流量需要。TAP模組可以設定為breakout TAP、aggregating TAP、SPAN aggregator、SPAN regenerator、filtering TAP等幾種形式或其組合使用。
Network Critical’s fail-safe技術讓TAP Switch不會成為網路故障點,即使在TAP斷電的情況下,流量仍然可以通過TAP,而不影響網路運作。
SmartNA-X 模組可以熱抽換,比起其他同級產品更具備使用上更彈性的優點,一旦您部署了Smart Network Access X 系統在您的網路中,您能夠更經濟地、無中斷地變更您的網路組態。
功能特色
- 業界率先可以輕易在 web UI上用滑鼠點擊托放的方式,設定流量輸出入端口分流圖。
- Fail-safe ports 提供斷電bypass迴路。
- 流量複製、匯聚功能。
- 進階的封包過濾功能。
- 能將輸入封包複製至多份輸出。
- 彈性的輸出入端口對應圖設定。
- SSL 安全的管理介面。
- 同時具備1G 與 10G 模組選項。
- 支援 SNMP 網管遠端監控,與主動告警機制。
- 保護機敏資料,支援Packet Slicing與遮罩Masking (需搭配PacketPro卡)。
- 本地端或經由RADIUS與TACAS+遠端認證與授權。
- 可熱插拔模組。
- 通過序列端口簡單的CLI配置管理。
- 通過網絡管理端口(MGMT)。
- 可選購雙獨立備援電源,避免電源單點失效。
- 可選-48V直流電源
- 具備Session aware的輸出端硬體負載平衡,使相同IP/TCP條件輸出至相同的埠。
- 三階層管理者權限: Administrator, Operator and Audito。
機箱:
| Part Number | Description |
| 5010 | SmartNA-X Chassis: (2) 10GbE SFP+ Rear Ports, (1) 1&10GbE Module Slots, (3) 1GbE Module Slots. Management: (1) Serial Console Port (CLI) and (1) LAN Management Port (CLI and web GUI) |
| 5011 | SmartNA-X Chassis: (1) 1&10GbE Module Slot, (1) 10GbE Rear Slot, (3) 1GbE Module Slots. Management: (1) Serial Console Port (CLI) and (1) LAN Management Port (CLI and web GUI) |
POWER SUPPLY & FAN OPTIONS
| Part Number | Description |
| 5101 | SmartNA-X: (1) AC C14 Hot-Swap PSU for 5010 & 5011 |
| 5102 | SmartNA-X: (1) DC Terminal Hot-Swappable PSU for 5010 and 5011 chassis |
| 5201 | SmartNA-X: (1) Dual Hot-Swappable Fan |
模組
| Part Number | Description |
| 5501 | SmartNA-X Module: (2) 10GbE SFP+ Ports & (2) 1GbE SFP Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5502 | SmartNA-X Module: (2) Rear 10GbE SFP+ Ports, Breakout/Aggregation/Regeneration/Filtering - (5011 Chassis only) |
| 5511 | SmartNA-X Module: (4) 10/100/1000BASE-T Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5521 | SmartNA-X Module: (2) 1000BASE-SX Ports LC (optical patch leads) & (2) 10/100/1000BASE-T Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5522 | SmartNA-X Module: (2) 1000BASE-LX Ports LC (optical patch leads) & (2) 10/100/1000BASE-T Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5523 | SmartNA-X Module: (2) 1000BASE-SX Ports LC (50:50 optical splits) & (2) 10/100/1000BASE-T Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5524 | SmartNA-X Module: (2) 1000BASE-LX Ports LC (50:50 optical splits) & (2) 10/100/1000BASE-T Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5531 | SmartNA-X Module: (2) 10/100/1000BASE-T Ports & (2) SFP Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5543 | SmartNA-X Module: (2) 1000BASE-SX Ports LC (optical patch leads) & (2) SFP Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5544 | SmartNA-X Module: (2) 1000BASE-LX Ports LC (optical patch leads) & (2) SFP Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5545 | SmartNA-X Module: (2) 1000BASE-SX Ports LC (50:50 optical splits) & (2) SFP Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5546 | SmartNA-X Module: (2) 1000BASE-LX Ports LC (50:50 optical splits) & (2) SFP Ports, Breakout/Aggregation/Regeneration/Filtering |
| 5090 | SmartNA-X Module: Blanking Plate |
| 5091 | SmartNA-X Chassis PSU Slot Blanking Plate |
MODULE OPTIONS V-LINE (Bypass Switch Module)
| Part Number | Description |
| 5611 | SmartNA-X V-Line Module: (4) 10/100/1000 Ethernet |
| 5621 | SmartNA-X V-Line Module, (2) SX Optical, (2) 10/100/1000 Ethernet |
| 5622 | SmartNA-X V-Line Module, (2) LX Optical, (2) 10/100/1000 Ethernet |
| 5623 | SmartNA-X V-Line Module, (2) 10/100/1000 Ethernet (2) 1GbE SFP |
| 5624 | SmartNA-X V-Line Module, (2) SX Optical, (2) 1GbE SFP |
| 5625 | SmartNA-X V-Line Module, (2) LX Optical, (2) 1GbE SFP |
- Powerful and flexible Ethernet packet slicing, header stripping and payload masking module.
- Packet slicing: truncate packets at a particular byte to remove payloads and reduce appliance workload and storage requirements.
- Header stripping: remove any tunneling protocol to obtain the un-tunneled traffic for further (filtering) processing, such as GRE, GTP(U/C), RTP, VN-Tag, MPLS.
- Payload masking: erase any part of the packet payload for analysis or archiving without the sensitive contents.
- User-configured customisable packet modifications.
- Simple modular extension to SmartNA-X system.
- Configurable as 2x10G, or 4x1G line-rate full duplex parallel processing engines.
- Ultimate optimisation of network security or monitoring appliances.
- Leverage existing appliance investment.
- Allow easy filtering, aggregation, and load balancing of packets with headers removed.
- Key enabler for compliance with regulations such as SOX, HIPAA and PCI-DSS.
- Visibility into tunneled or protocol-encapsulated flows.
- Eliminate the need for additional expensive monitoring tools to decipher protocols.
- Future-proof solution:1G & 10G configurations.
- Efficient, cost-effective and practical NPMD enhancement.
- Process traffic from integrated TAPs, Bypass TAPs, SPAN ports, and NPBs.
