Multi-Function Pipeline Optimizes Network Visibility
Network visibility tools play a vital role in maintaining a complete picture of what is happening on the network. These tools provide quicker performance and security insights and enable faster resolution to network issues.
In our recent blog, Powerful Capabilities to Enhance Network Visibility, we highlighted some of the new features in our recent v5.14 firmware release for the IntellaFlex XR family. We looked at the importance of protocol header stripping to help analysis tools that don’t have the capability to remove headers, and are therefore unable to read the network data of interest. We also discussed APCON’s new ‘Phone Home’ feature that checks for firmware updates and informs users as to whether their IntellaFlex XR firmware is current or out of date, and allows users to complete updates more easily.
This second blog on the v5.14 firmware release looks at a new capability to apply up to three multi-function operations on packets passing through a single port of either the IntellaStore or the Multi-Function blade. Prior to this latest release, users could assign a single operation like deduplication to a port on either the IntellaStore or the Multi-Function blade. To apply additional operations to packets flowing through an APCON aggregation and filtering switch, the creation of connections to other ports was required, where only one additional operation could be applied at each port. With our latest firmware release, APCON offers the ability to apply up to three multi-function operations at a single port.
Example Use Case
Here’s an example application for the new Multi-Function Pipeline feature.
Let’s take a GRE tunnel, which has been created on a router where each mirrored packet is encapsulated and sent to an IntellaStore blade for pre-processing. The IntellaStore can now apply up to three different multi-function operations on each packet at a single port before forwarding the packet.
In this scenario, the first operation applied to each packet is protocol header stripping where the port strips the GRE header off of each packet. Next, the deduplication process is applied in order to remove duplicate packets to reduce the load on the packet analyzer. Lastly, the packet slicing operation is applied to each packet to remove the user’s payload data, which typically is of no concern when troubleshooting networking problems.
The removal of the payload data has two major benefits. First, it protects the users by not storing their private information on the packet analyzer. Examples of private information that users would not want stored consist of social security numbers, credit card numbers, and/or personal medical information. Secondly, the removal of the payload data significantly reduces the size of the data stored on the packet analyzer’s hard disk drive, freeing up space for other data storage.
Prior to the IntellaFlex XR v5.14 release, the application seen in this diagram would require three different ports on either the Multi-Function blade or the IntellaStore blade, but now the advanced features can be applied at a single port on either blade. With the availability of the new Multi-Function Pipeline feature, users can now free up previously used ports and use them for other connections and applications.