Content deleted Content added
m v2.03b - Bot T20 CW#61 - WP:WCW project (Reference before punctuation) |
m clean up, typo(s) fixed: ’s → 's (2) |
||
Line 1:
A '''data monitoring switch''' is a networking hardware appliance that provides a pool of monitoring tools with access to traffic from a large number of network links. It provides a combination of functionality that may include aggregating monitoring traffic from multiple links, regenerating traffic to multiple tools, pre-filtering traffic to offload tools, and directing traffic according to one-to-one and many-to-many port mappings.<ref>{{Cite web|title=Arista EOS® Precision Data Analysis with DANZ|url=https://www.arista.com/en/solutions/precision-data-analysis-of-network-traffic|last=Sabeesh|date=2017-10-24|website=Arista Networks|language=en-gb|access-date=2020-05-23}}</ref>
Data monitoring switches enable organizations to use their monitoring tools more efficiently, to centralize traffic monitoring functions, and to share tools and traffic access between groups. Some of these devices also provide functionality that helps justify tool purchases and simplify deployment and management of the device itself.
Several other terms have been used to describe this class of device, including '''data access switch''', '''tool aggregator''', '''network packet broker''', '''net tool optimizer''', and '''distributed filter tap'''.
Line 9:
A data monitoring switch typically provides 24 to 38 ports in a 1U 19-inch chassis, with higher port density devices expected in the future (ask about dimensions from the vendor - devices with higher port density or many card slots may be 2U or larger). Ports may be dedicated as network inputs or tool outputs, or may be configurable as either, with most product trending toward the latter. Network input ports may be paired to provide in-line connectivity (integrated [[Network tap|Tap]] function), or out of band (mirrored) to take input from external network Taps or network switch [[SPAN port]]s. Some devices have the ability to interconnect chassis to configure logical systems with hundreds of ports, although user interface complexity can serve as a limiting factor in many products.
When a number of monitoring tools are connected to the data monitoring
*One network link to one monitoring tool
Line 48:
Because of their high port densities compared to discreet Taps, they save rack space and power, and can have a lower price per port.
They are fully passive, unable to disrupt network traffic in the most commonly found circumstances. (Integrated Taps, if present have fail-to-wire on power failure.) This is compared to SPAN ports, where network traffic can be disrupted if the switch is not properly configured while setting up the SPAN port.
== Disadvantages ==
* Data monitoring switches take a simple concept, the passive network Tap, and make it an expensive, complex device that requires configuration and management.
* They are non-standard – different vendor devices operate and are managed differently.
* Entry-level pricing is expensive – if just a few links or tools need to be instrumented, price per port will be high.
* Advanced functionality on some products can be very cumbersome to activate and maintain over time.
* Command Line interfaces are often required for the vast majority of the functions, even on many boxes that also offer a GUI. While CLI offers a great deal of control over the operations of the box, only the utmost of advanced users will be able to configure filtering and connections using CLI without overlooking problems such as filter overlaps, replication and accuracy checks, and ongoing active system management.
| |||