Gigamon U - WAN, LAN, and now the DAN

50 %
50 %
Information about Gigamon U - WAN, LAN, and now the DAN

Published on June 6, 2008

Author: gigamonster



The DAN or Data Access Network is a newly emerging "best practice" for passive monitoring of mission critical networks that solves real access problems, improves network performance and uptime, and saves capital, operation and maintenance costs. A DAN is a combination of out-of-band data access switching plus passive monitoring instrumentation to enable required security, compliance, forensics review, application performance, VoIP QoS, uptime and other network management tasks. Data is acquired from multiple SPAN ports or taps and multicast to multiple tools, aggregated to a few consolidated tools, and filtered or divided across many instances of the same tools. The DAN may be thought of as a Òdata socketÓ providing immediate access for ad hoc tool deployment without impact to the production network and outside of the scope of configuration management policies.

LAN, WAN, SAN, and now DAN Data Access Network

What’s a DAN? out-of-band passive monitoring network Includes passive tools like: Security IDS Sensors, Application Performance Monitors, Troubleshooting Protocol Analyzers, VoIP QoS Probes, Proprietary & Confidential Forensic Recorders, and Data Access Switching

DAN provides “Data Sockets” Part of a Flexible Network Infrastructure • Plug-in multiple out-of-band tools – ANY data to ANY tool • Unobtrusive 24x7 tool connections – never touch the network • Aggregate, Replicate, Filter and load balance data streams • Use legacy 1Gig tools to monitor new 10Gig networks Proprietary & Confidential 3

Why are DANs Needed Now? Things Have Changed Enron and 9/11 spawned SOX auditing, increased security and lawful intercept requirement PLUS technology and business developments: Web site e-commerce and internet applications demand support VoIP and media convergence make the network more strategic Proprietary & Confidential Green networking demands smaller Data Center footprint Network is how business gets done. Downtime is unacceptable

Proliferation of Tools New SOX compliance transaction monitors Keep your boss out of jail! IDS Sensors detect external attacks From hackers NAC appliance protects networks from inside From your own people! CALEA lawful intercept and Forensic Recorders Configuration monitoring tools watch over network Proprietary & Confidential resources Application and Network troubleshooting

Proliferation Causes Contention for Span Ports Security and IT Engineers seen here Proprietary & Confidential “Negotiating” Over a SPAN Port

An Analogy: Using a DAN is like using a power strip. Proprietary & Confidential

Too Many Power Tools? Not Enough Sockets? ? ? ? ? Proprietary & Confidential

For Power Tools, use a Power Strip Proprietary & Confidential

Too Many Monitoring Tools? Not Enough Span Ports? ? ? ? ? Proprietary & Confidential

For Sensors/Monitors/Analyzers, Use a DAN Switch Proprietary & Confidential One Span port serves Many tools

What Other Problems do DANs solve? Distributed Monitoring burning the budget? Consolidate tools; $ave money on capital and operational budgets Unsecure monitor or tap ports risk data leakage? DAN can secure all access point to prevent snooping Too much traffic for one tool? Reduce and balance load over multiple units to match tool capacity Proprietary & Confidential Restrictive Configuration Management Policies? Deploy tools and make changes on your own schedule

Monitoring a Mesh Network? Proprietary & Confidential

Old Solution: Lots of Distributed Tools, Deploy one tool per span port/switch Proprietary & Confidential Lots of hardware…very expensive!

Better: Distribute Connections with a DAN Consolidate Tools; Save CapEx $$$ Proprietary & Confidential Aggregate and balance flows to Consolidated Tools

DAN is “Best Practice” for Network Infrastructure Design Totally flexible solution to many problems Facilitates unobtrusive instrumentation of a network Solves requirement for multiple tool access Gives tools the view of the total network Secures monitor and tap ports Proprietary & Confidential Improves monitor coverage, saves time and money.

DAN Solves Access Problems By • Aggregating many links to any tool • Multicasting any link to many tools • Filtering data to map packets to tools • Saving $$ Cap Ex and Op Ex budget$ Proprietary & Confidential Any to Any Many to Any Any to Many Bit-Mask Filtering

Add a comment

Related pages

Gigamon | LinkedIn

View 853 Gigamon posts, presentations, experts, and more. Get the professional knowledge you need on LinkedIn. LinkedIn Home What is LinkedIn? Join Today
Read more

Wan. Lan | LinkedIn

Wan. Lan. Articles, experts, ... Reach out to professionals who know this skill 20 LinkedIn members have it on their profile. View the previous set of ...
Read more

What is the difference between a LAN, a MAN, and a WAN?

ARCHIVED: What is the difference between a LAN, a MAN, and a WAN? A LAN (local area network) ... A WAN (wide area network), in comparison to a MAN, ...
Read more

Network types - Types of Networks - Types of Computer Networks

Types of Computer Networks. ... LAN and WAN are mostly known and used widely. LAN, ... DAN – Desk Area Networks; LAN ...
Read more

Network Security & Connectivity Solutions, Gigamon GigaVUE ...

Distance WAN Emulation. Gigamon DAN - Data Access ... NextGig Systems is offering a free web overview presentation on the DAN. The DAN or ...
Read more

LAN vs WAN - Difference and Comparison | Diffen

... LAN vs WAN. 1 What is a LAN? 2 What is ... data transfers between two different states in the U.S. are faster than data transfers ... "LAN vs WAN ...
Read more

How do I set up my Windows computer for Wake on LAN ...

How do I set up my Windows computer for Wake on LAN? ... you must make sure all of the Wake on LAN settings are configured in four locations. ...
Read more - Country Selector

Bienvenido a / Welcome to Selecciona tu país de residencia / Select your country of residence. Sudamérica / South America; Argentina; Brasil;
Read more