Data monitoring switch: Difference between revisions

A '''data monitoring switch''' is a networking hardware appliance that provides a pool of monitoring tools with access to traffic from a large number of network links. It provides a combination of functionality that may include aggregating monitoring traffic from multiple links, regenerating traffic to multiple tools, pre-filtering traffic to offload tools, and directing traffic according to one-to-one and many-to-many port mappings. data monitoring switches enable organizations to use their monitoring tools more efficiently, to centralize traffic monitoring functions, and to share tools and traffic access between groups.

A data monitoring switch typically provides 24 to 38 ports in a 1U 19-inch chassis, with higher port density devices expected in the future (ask about dimensions from the vendor - devices with higher port density or many card slots may be 2U or larger). Ports may be dedicated as network inputs or tool outputs, or may be configurable as either, with most product trending toward the latter. Network input ports may be paired to provide in-line connectivity (integrated [[Network tap|Tap]] function), or independentout of band (mirrored) to take input from external network Taps or network switch [[SPAN port]]s. Some devices have the ability to interconnect chassis to configure logical systems with hundreds of ports, although user interface complexity can serve as a limiting factor in many products.

*Many network links to many monitoring tools (dynamic many-to-many connectivity)

In addition to directing monitoring traffic, data monitoring switches are capable of filtering traffic by Layer 2 to Layer 4 protocol criteria such as protocolVLAN andor IP address, enabling only traffic of interest to be sent to specific tools. This capability can prevent tool oversubscription and facilitate drilling down on issues.

AdditionalAs capabilitiesthis foundis instill a relatively new set of technologies, there are several different approaches to the hardware and software configurations. As such, each product sports benefits that none of the competitors includes. someSome data monitoring switches includeoffer different management interfaces (fully integrated GUI, automation, etc.), load balancing across multiple tool ports, filtering on patterns in packet payloads, and converting media and data rates so tools can be used to monitor traffic from dissimilar links.<ref>[http://www.gigamon.com/GigamonU/GU06112017WAN.DAN.DAN.pdf GigamonRefer DAN]</ref>to the various vendor sites to learn more about specific features on each product.

Most dataData monitoring switches support severaleither or both of the following internal management interfaces:

*A text-based [[command-line interface]] (CLI) accessed with a terminal emulation program either locally over a serial port or remotely over a secure (e.g., SSH) network connection; this interface is usuallysometimes preferred by network administrators, although many data center professionals complain that CLI is too complex (See <ref>[http://www.anuesystems.com/Resources_ToolOptimizer_EMAMonitoringOptimization2010.shtml Monitoring Optimization 2010]</ref> for more information).

*A Web browser based graphical interface; thisWhile most vendors offer drag and drop capabilities, there are a wide range of GUI options offered on these products, some requiring CLI and some not. This interface is usually preferred by casualIT usersgeneralists, executives, and non-expertsIT stakeholders who manage monitoring but do not have physical access to the data center floor.

With data rate conversion capabilities, they enable 1 Gigabit tools to support 10 Gigabit links, and 10 Gigabit tools to monitor traffic aggregated from multiple 1 Gigabit links. <ref>[http://www.netoptics.com/products/product_family_details.asp?ts_id=&cid=9&pid=210&Section=products&menuitem=9 Net Optics Data Monitoring Switch]</ref>

They are non-standard – different vendors’vendor devices operate and are managed differently.