VSS Monitoring (www.vssmonitoring.com) is the leading innovator of traffic capture solutions. Its highly scalable portfolio offers not only basic network taps and span tools but Distributed Traffic Capture Systems™ that fundamentally improve price-performance and processing efficiency of network analyzers, as well as increase network visibility and reduce mean time to repair.
Since its founding in 2003, VSS mission has been to solve the pervasive efficiency, visibility and performance challenges inherent in monitoring large-scale distributed networks. Its innovative Distributed Traffic Capture Systems™(featuring tapping, aggregation, filtering, load balancing, remote management & traffic metrics), form a universal platform between network infrastructure and all monitoring tools, providing each monitoring tool with a tailored view of the network to maximize visibility, increase monitor tool ROI and reduce operational costs.
VSS is headquartered in Burlingame, California USA with subsidiary offices in Tokyo, Japan and Beijing, China. All design, manufacture and testing is based at VSS headquarters, with components sourced in and around neighboring Silicon Valley, CA.
VSS Monitoring has more than 160 products in its portfolio within the following product families. Visit its website at www.vssmonitoring.com for a full listing.
Distributed Taps
Distributed Taps are the next generation of traffic capture. They are composed of exceptionally flexible devices that can passively tap. multiple networks and forward the traffic as selected by the user to multiple independent monitor ports.
Distributed Taps form a dedicated hardware access platform to centralize monitoring infrastructure by offering selective aggregation, filtering, load balancing, remote management (GUI / CLI), and complete configuration flexibility.
Network Taps
Network Taps, also known as a 1x1 taps, provide passive monitoring access to a single full-duplex network. They are designed to be placed between two network communication devices to capture the bidirectional traffic and mirror it to two output ports for monitoring by an analysis or recording tool. Multiple network taps can be housed in a single 1RU chassis to form a high-density tap.
Regeneration Taps
Regeneration Taps are designed to tap one or multiple networks and replicate the traffic across multiple monitor ports. Replication of network traffic increases the number of monitor tools that can access any given network.
Aggregation Taps
Aggregation Taps are designed to tap either a single full-duplex network or multiple full-duplex networks and combine the cumulative traffic onto a single stream for output to one or multiple monitoring tools. Aggregation of network traffic reduces the number of interfaces required to monitor any given network.
Hardware-Based Filtering
Filtering allows users to determine what type of traffic is copied from the network ports to the monitor ports based on Layers 2-4 criteria such as:
- MAC (source, destination)
- IP (source, destination, range)
- UDP/TCP/ICMP (port, range)
- VLAN, QoS, IP Service Type
- Even/Odd Ports for RTP/RTCP
- Custom offset / masking filter
The benefits of filtering include improved aggregation, reduced traffic load to each monitor interface, more efficient operation of each monitor tool (as it receives only relevant traffic / traffic of interest) and greater monitor tool ROI.
Further information:
Request a whitepaper on Filtering.
Session-Aware Load Balancing
Load Balancing is a stateful method of distributing traffic across multiple logically grouped monitor ports, effectively summing the bandwidth of the load balanced ports. Output from the load balanced group is designed to maintain packet order within any given conversation (any single session stream between point A and point B), as well as to guarantee a consistent output port for any single conversation This ensures that a monitor tool will see every packet of a given conversation.
The benefits of Load balancing include:
- Preventing oversubscription/packet loss (ex. monitoring 10G traffic with 1G tools)
- Maintaining session delivery consistency across multiple monitor ports
- Ensuring an even traffic distribution across a group of monitor ports based on session criteria
Further information:
Download VSS podcast on Load Balancing.
Request a whitepaper on Load Balancing.
Selective Aggregation
Not all aggregation is alike. Static aggregation (in traditional network taps) does not allow users to configure what network traffic is aggregated to each monitor port. With selective aggregation, available in all VSS’ Distributed Taps, users can decide how each network input port is directed to each monitor output port, which allows each monitor port an independent, completely selectable view of network inputs. Input to output mapping can be directed in the following ways:
- One-to-One
- One-to-Many
- Many-to-One
- Many-to-Many
LinkSafe™
LinkSafe™ is a proprietary technology for tapping redundant gigabit copper networks. Tapping a gigabit copper network requires that the tap recreate the connection between the two network elements on the link it is accessing. If a network element on one end of a connection were to fail without LinkSafe™, the failure would not propagate to the other side of the network. This would prevent a redundant network path from being triggered. LinkSafe™ is an intelligent controller within the tap that enables link failures to be observed by network elements on both sides of a tapped network, enabling routers and/or switches to execute redundant links as designed.
Further information:
Request a whitepaper on LinkSafe™
vAssure™
vAssure™ is VSS proprietary technology for tapping gigabit copper links so that the failover/switchover of the network connection from a tapped state to a directly-connected state (in the event of tap power loss) registers under 100ms (typically 30-60ms). Without vAssure™, the normal time to establish a link (in standard auto-negotiation mode) is between 1-3 seconds, where anything over 150ms will cause the link to drop. This feature is critical to the operation of outage-sensitive networks!
Further information:
Request a whitepaper on vAssure™
vStack+™
vStack+™ brings fault-tolerance to network monitoring by allowing traffic capture devices to be deployed in a fully distributed mesh configuration. This eliminates a single point of failure in traffic capture and ensures optimum routing of the traffic captured to a central location for analysis.
With vStack+™ users can direct copied traffic captured on any network input to a monitor output on another capture tool anywhere in the Distributed Traffic Capture System. Any or all of the capture tools within the system (connected through vStack+™) can then be managed seamlessly from each individual tool.
- Interconnection options support complex / high-bandwidth meshes (no stack port limit)
- Aggregation, Load Balancing and Load Spreading across multiple vStack+™ links
- Unlimited stacking bandwidth, with up to 80G of load balanced aggregated bandwidth between taps (using eight 10G links)
- System auto-discovery / self-configuration
- Redundant optimal path monitor traffic forwarding
- Distributed any-to-any (peer-based) management
- Platform independent (no proprietary software)
- No distance limitation on vStack+™ links (up to ER signal length on 10G ports)
Benefits of vStack+™ include:
- Maximizes efficiency of monitoring tools
- Brings ultra-high scalability, speed and fault tolerance to centralized network monitoring
- Scales to the largest networks while preserving very low latency and ensuring routing redundancy
- Automatically discovers and transparently routes traffic to the designated monitoring tools
Further information:
Request a whitepaper on vStack+™
Time Stamping™
Time Stamping™ is part of VSS Monitoring’s Packet Optimization™* feature set. It allows users to append a time stamp to each packet as it enters a network ingress port. The time stamp is inserted as an 8-byte stamp after the payload and before the CRC. The first 4 bytes indicate seconds, the second 4 bytes indicate nanoseconds. After applying the stamp, the CRC is recalculated and forwarded to the monitor ports as a standard Ethernet frame. Time Stamping only affects monitor traffic–inline network traffic is always unaffected. Application of the time stamp can be enabled or disabled by the user at any time.
Selective Aggregation, Hardware-Based Filtering, and Session-Aware Load Balancing are significant value creating features that are available in VSS current generation of traffic capture devices. High-performance networks, however, traditionally have not been able to take advantage of these features because they introduce some minimal latency to each packet and may affect the accuracy of monitor tool time stamps. With VSS Monitoring Time Stamping feature, these concerns are eliminated, and users of high-performance networks can realize the full power of Distributed Traffic Capture.
The application of a time stamp on the network ingress ports before any Aggregation, Filtering or Load Balancing occurs allows users to take advantage of the scalability and value enhancement offered by such features. Because of this, Time Stamping is ideal for latency-sensitive monitoring applications.
*Hardware-based modification of a packet by adding or stripping from it. Does not affect inline network traffic and can be enabled or disabled at will.
Further information:
Request a whitepaper on Time Stamping+™
Download podcast on Time Stamping+™
vSlice™
Packet slicing is a traffic grooming technique traditionally done in a network analyzer at the monitoring infrastructure layer. It defines and discards part of a packet from the copy of traffic that had been sent to that analyzer, thereby allowing it to process and store more data of interest.
VSS Monitoring's vSlice extends the capability of packet slicing manyfold by allowing users to perform packet slicing at the traffic capture layer, anywhere in a network. Unlike competitive technologies, vSlice™ performs conditional packet slicing, which enables users to set slice points at different offsets for each packet as well as specify the types of traffic to be sliced, such as HTTP and the VoIP protocols RTP and RTCP.
Slice Closer to the Network
vSlice™ enables packet slicing to occur at the point of traffic capture, instead of at each analytical tool. As a result, vSlice can be used to ensure uniform and consistent packet slicing at one or many network segments. One or more instances of vSlice can extend the coverage of multiple analytical tools.
Greater Security
By acting at the point of capture, vSlice™ permits the removal of end-user identifying information at the beginning of the traffic capture process, reducing the risk of a privacy breach. vSlice™ helps ensure compliance with regulations mandating privacy best practices, such as the Payment Card Industry Data Security Standard (PCI DSS), which requires limiting access to cardholder information to a need-to-know basis.
vSlice™ can be applied on multiple ports of a VSS Monitoring traffic capture device, independent of other settings such as port mapping. vSlice™ is available at 10/100, Gigabit, and 10 GigE speeds, and on copper as well as fiber media. vSlice is the industry's most flexible packet slicing technology, and is part of VSS’ innovative Packet Optimization™ functionality suite, which includes ingress time and port stamping.
Further information:
VSS Introduces conditional packet slicing
vCapacity™
vCapacity™ is a high-performance real-time microburst measurement capability for VSS Distributed Traffic Capture Systems™ that provides sub-millisecond visibility into network performance. With the introduction of vCapacity™, VSS becomes the only traffic capture vendor providing both real-time packet-level visibility as well as bit-level metadata for monitoring and security tools.
vCapacity™ samples one or multiple network links at millisecond intervals at speeds up to 10 GigE and records on a millisecond timescale. Unlike any other approach, vCapacity measures traffic at the bit level and at full line rate, independent of switch SPAN ports, traditional taps or high-speed capture cards.
The vCapacity™ Advantage
vCapacity's low-level view allows granular utilization data to be gathered in real time and made available to latency and high-performance network analyzers, without requiring separate taps and/or capture cards.
vCapacity™ records per-millisecond quanta, timestamps them at one-second intervals, and stores them for one-minute periods for retrieval by a network analyzer or other tool. Each one-second record includes an average utilization as well as the minimum and maximum millisecond quanta for that second. The timestamp can be used to correlate port data in order to detect unrecorded seconds and to discard unwanted seconds.
Benefits
- Plan for dynamic capacity allocation
- Identify potential bottlenecks and problem areas
- Ensure systems can handle peak traffic loads
- Achieve lower latency
- Obtain historical data for capacity reviews
- Pinpoint the location of microbursts and other problems
- Improve stability
- Reduce budgetary constraints; budget upgrades ahead of time
- Maximize planning efficiency
© Copyright 2003 – 2010. VSS Monitoring, Inc. All rights reserved.
VSS+™, VSS Monitoring+™, Distributed Traffic Capture System+™, vAssure+™, LinkSafe+™, vStack+™, vSlice&trade, vCapacity&trade and Distributed Tap+™ are trademarks or registered trademarks of VSS Monitoring, Inc. in the United States and other countries.
