|
A '''Datadata Monitoringmonitoring Switchswitch''' is a networking hardware appliance that provides a pool of monitoring tools with access to traffic from a large number of network links. It provides a combination of functionality that may include aggregating monitoring traffic from multiple links, regenerating traffic to multiple tools, pre-filtering traffic to offload tools, and directing traffic according to one-to-one and many-to-many port mappings. Datadata Monitoringmonitoring Switchesswitches enable organizations to use their monitoring tools more efficiently, to centralize traffic monitoring functions, and to share tools and traffic access between groups.
Several other terms have been used to describe this class of device, including '''data access switch''', '''tool aggregator''', '''net tool optimizer''', and '''distributed filter tap'''.
== Function ==
A Datadata Monitoringmonitoring Switchswitch typically provides 24 to 38 ports in a 1U 19-inch chassis, with higher port density devices expected in the future. Ports may be dedicated as network inputs or tool outputs, or may be configurable as either. Network input ports may be paired to provide in-line connectivity (integrated [[Network tap| Tap ]] function), or independent to take input from external network Taps or network switch [[SPAN port]]s. Some devices have the ability to interconnect chassis to configure logical systems with hundreds of ports.
When a number of monitoring tools are connected to the Datadata Monitoringmonitoring Switch’sswitch’s tool ports, copies of traffic from any of the network ports can be switched to any of the tools using the data monitoring switch’s management interface. A unique characteristic of the Datadata Monitoringmonitoring Switchswitch, as opposed to matrix switches and aggregating Taps, is that it can support a flexible set of port mappings including:
*One network link to one monitoring tool
*Many network links to many monitoring tools
In addition to directing monitoring traffic, Datadata Monitoringmonitoring Switchesswitches are capable of filtering traffic by Layer 2 to Layer 4 protocol criteria such as protocol and IP address, enabling only traffic of interest to be sent to specific tools. This capability can prevent tool oversubscription and facilitate drilling down on issues.
Additional capabilities found in some Datadata Monitoringmonitoring Switchesswitches include load balancing across multiple tool ports, filtering on patterns in packet payloads, and converting media and data rates so tools can be used to monitor traffic from dissimilar links. <ref>[[http://www.gigamon.com/GigamonU/GU06112017WAN.DAN.DAN.pdf Gigamon DAN]]</ref>
== Device Management ==
Most Datadata Monitoringmonitoring Switchesswitches support several management interfaces:
*A text-based [[command-line interface]] (CLI) accessed with a terminal emulation program either locally over a serial port or remotely over a secure (e.g., SSH) network connection; this interface is usually preferred by network administrators
*A Web browser based graphical interface; this interface is usually preferred by casual users and non-experts
== Advantages ==
Data Monitoringmonitoring Switchesswitches facilitate centralizing network traffic monitoring in the [[NOC]].
By providing remote monitoring and control, they save the time and expense of traveling to remote locations to install monitoring tools.
== Disadvantages ==
Data Monitoringmonitoring Switchesswitches take a simple concept, the passive network Tap, and make it an expensive, complex device that requires configuration and management.
They are non-standard – different vendors’ devices operate and are managed differently.
| 