Chengdu Shuwei Communication Technology Co., Ltd.

Network Situational Awareness to Manage Network Tap Through API Data Integration Interface

Product Details

Place of Origin: China

Brand Name: NetTAP®

Certification: CCC, CE, RoHS

Model Number: NT-FTAP-32QCX

Payment & Shipping Terms

Minimum Order Quantity: 1 SET

Price: Can Discuss

Packaging Details: Outer Carton plus Inner Foam

Delivery Time: 1-3 Working Days

Payment Terms: L/C, D/A, D/P, T/T, Western Union, MoneyGram

Supply Ability: 100 sets per month

Specifications
Highlight:

tap api integration

API:
Application Program Interface
K Situational Awareness:
SNMP, NetFlow, SFlow, NetStream, Packet Capturing
Data Visualization:
WireShark, NTopng, Ganglia, GeoIP
Network Attack:
Mainstreaming Of Cybercrime Happen Everyday
Applications:
Data Center Of Telecom, Broadcasting, Operators
Related Solutions:
Network Visibility, Network Monitor, Network Security, Network Analytics, Data Center, Traffic Management, Traffic Optimize
Description

Situational Awareness Background

Situational Awareness (SA) was first introduced in the military field. In the 1980s, the U.S. Air Force introduced the concept of situational awareness, covering three levels: perception, understanding and prediction. In the 1990s the concept gradually gained acceptance, and with the rise of networks it was extended to "Cyberspace Situation Awareness" (CSA): in a large-scale network environment, acquiring, understanding and displaying the security factors that change the network situation, and forecasting its near-term development trend, with the final purpose of supporting decisions and action. This article focuses on the following topics to discuss some common problems in network situational awareness:

The basis of network perception: network layer, sensor

Network analysis technology: SNMP, NetFlow, sFlow, NetStream, Packet Capturing

Network data visualization: WireShark, NTopng, Ganglia, GeoIP

 

The basis of Network Awareness

1. No single sensor is all-powerful

The general steps to measure a network are as follows. First, obtain the network topology, the way the network is connected, the list of potential observation points, and so on. Then, for each potential observation point, determine which traffic is visible from that position. Finally, determine the optimal coverage scheme. In a complex network, no single sensor can provide full coverage, so multiple sensors need to be used together. According to the domain they collect from, sensors can be divided into three categories:

Network: intrusion detection system (IDS), NetFlow collector, TCP collector (such as tcpdump)

Host: resides on the host and monitors activity on the host (file access, login and logout) and network card traffic

Services: mail messages, HTTP requests for specific services

2. Influence of network layering on sensors

In general, network sensors focus on layers 2 to 4 of the OSI model, while service sensors focus on layer 5 and above. When considering the impact of layering on network traffic, the maximum transmission unit (MTU) also matters: it is the upper limit on data frame size and determines the maximum size of packets that can be transmitted over the medium. At OSI layer 5 (the session layer), session encryption must be considered, because encrypted information cannot be understood directly. In layers 6 and 7, you must know the protocol details to extract meaningful information.

 

Network Analysis Technology

Network traffic reflects the running state of the network and is the key to judging whether the network is running normally. If the traffic received by the network exceeds its actual carrying capacity, network performance will degrade. The main traffic parameters are datagrams received and sent, packet loss rate, and datagram delay.

1- SNMP (Simple Network Management Protocol) contains an application layer protocol, a database schema, and a set of data objects.

2- RMON (Remote Network Monitoring, RFC 2021): network monitoring data consists of a set of statistics and performance metrics that are exchanged between different monitors (or probes) and console systems. It can actively monitor remote devices and track traffic information on the network segments connected to device ports. Given adequate resources, a probe can also perform preventive performance monitoring, proactively diagnose and record network performance, and notify managers promptly when a failure occurs. The information is divided into four groups (statistics, history, alarms and events), and rules can be preset.

3- NetFlow vs sFlow vs NetStream

4- Protocol and user identification 

Characteristics such as IP address, port number, protocol and message format can be analyzed from the contents of the packet header. After classification, various application layer protocols can be accurately identified, such as P2P (thunderbolt), instant messaging (QQ, WeChat), VPN, email and so on. Of course, this is only "shallow" packet inspection, like looking at the sender and recipient on an envelope.
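The shallow, header-only classification described above can be sketched as follows. This is an added example, not code from the product or the original page; the port-to-label table, the function names and the sample frames are constructed assumptions for illustration.

```python
import struct

# Illustrative (protocol, port) -> label table; real classifiers use far larger rule sets.
PORT_LABELS = {(6, 25): "email (SMTP)", (6, 443): "HTTPS",
               (17, 53): "DNS", (17, 1194): "VPN (OpenVPN)"}

def parse_headers(frame):
    """Read only Ethernet/IPv4/TCP-UDP headers; return None if not parseable."""
    if len(frame) < 14:
        return None
    ethertype, off = struct.unpack("!H", frame[12:14])[0], 14
    if ethertype == 0x8100 and len(frame) >= 18:      # skip one 802.1Q VLAN tag
        ethertype, off = struct.unpack("!H", frame[16:18])[0], 18
    if ethertype != 0x0800 or len(frame) < off + 20:
        return None
    ihl = (frame[off] & 0x0F) * 4                     # header length incl. options
    if frame[off] >> 4 != 4 or ihl < 20 or len(frame) < off + ihl:
        return None
    proto = frame[off + 9]
    src = ".".join(map(str, frame[off + 12:off + 16]))
    dst = ".".join(map(str, frame[off + 16:off + 20]))
    frag_offset = struct.unpack("!H", frame[off + 6:off + 8])[0] & 0x1FFF
    sport, dport, l4 = None, None, off + ihl
    # Ports exist only in the first fragment of a TCP (6) or UDP (17) datagram.
    if proto in (6, 17) and frag_offset == 0 and len(frame) >= l4 + 4:
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    return {"src": src, "dst": dst, "proto": proto, "sport": sport, "dport": dport}

def classify(frame):
    """Label a frame from header fields alone; the payload is never inspected."""
    hdr = parse_headers(frame)
    if hdr is None:
        return "not IPv4 or truncated"
    for port in (hdr["dport"], hdr["sport"]):
        label = PORT_LABELS.get((hdr["proto"], port))
        if label:
            return label
    return "unclassified"

def build_frame(src, dst, proto, sport, dport, payload=b"", ihl_words=5):
    """Construct a sample frame (lengths/checksums zeroed; they are not checked here)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0, 0, 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    ip += b"\x00" * (4 * (ihl_words - 5))             # padding standing in for IP options
    return b"\x02" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport) + payload

if __name__ == "__main__":
    tls = build_frame("10.0.0.5", "192.0.2.10", 6, 51000, 443, b"\x17\x03\x03")
    print(parse_headers(tls), "->", classify(tls))
```

A port label is only a hint: the same service on a non-standard port comes back as unclassified, and an encrypted payload makes no difference to the result because the payload is never read.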

"Deep" packet inspection can be understood as probing the contents of the letter, but it is subtler than the brute force of opening the envelope. Instead of actually reading the contents of a packet, it collects peripheral information and builds a profile of the data stream. A research team in China once published a paper on "network traffic classification, research progress and prospects", which mentioned a variety of technologies for "Deep Packet Inspection" (DPI) using machine learning.

 

Your network is under attack? The mainstreaming of cybercrime happens every day.

Take control and solve problems faster; 

Experience Next Generation Visibility and Troubleshooting; 

Achieving Service Assurance across Multi-Cloud Environments;

Smart Security is Here!

Contact our team today, see what the others can't, let's be a partner, we are here to accelerate Your NFV Journey!

 


 

Deploying the MATRIX traffic collection visual management system provides the following:

1- Unified visual display and monitoring of the e-government cloud's live network topology, the relationship between collection point locations and that topology, the collection network topology itself, the security analysis equipment (intrusion detection, audit, FLOWEYE, etc.) and the other equipment involved in the whole traffic acquisition and analysis chain.

2- Real-time monitoring and collection of link health status information, including real-time display of the current flow rate curve; query and display of historical flow rate curves; display of links by packet length distribution model to reflect message application characteristics; and display of links by unicast/multicast/broadcast message distribution model to reflect the network health profile.

3- Real-time monitoring of the status of traffic output to different back-end security analysis systems. Because different security analysis systems may focus on different types of traffic data, the MATRIX system can monitor the flow curve status and statistics output to each analysis system in real time.

4- Real-time state monitoring of the acquisition link/flow output link. In case of link anomalies or significant anomalies in the flow model, the system can generate warnings and output them to the security situation awareness platform through the interface for unified presentation. Users can further process the anomalies in a timely manner to improve the availability of the whole system.

5- Visual management of the traffic distribution policy on each device unit of the collection MATRIX. Describing policies on top of the current network topology view, with traffic classification down to the application level, gives a clearer description of the complete traffic distribution configuration and greatly reduces the difficulty of maintaining traffic management policies.

6- The MATRIX traffic collection visual management system not only provides a visual web interface on its own, but also provides WebService, socket and other types of API to integrate with the security management platform and accept its unified centralized management, presenting a unified management view to users.

To sum up, deploying the SDN traffic collection and distribution MATRIX and the MATRIX visual management system components into the unified e-government cloud security management platform, tightly integrated with the platform's construction, achieves unified management of e-government cloud network traffic data and provides strong support for network security analysis and security situational awareness systems.

 

3. 100G Data Acquisition, Data Capturing and Switch Service Card/Module Network Taps for Network Situational Awareness (SA)


| Component type | Product Model | Basic Parameter | Remarks |
| --- | --- | --- | --- |
| Service card | NT-TCA-SCG10 | 100G exchange card, 10*QSFP28 interface | Choose according to actual business needs |
| | NT-TCA-CG10 | 100G service card, 10*QSFP28 interface | |
| | NT-TCA-XG24 | 10G service card, 24*SFP+ interface | |
| | NT-TCA-RTM-CG10 | 100G RTM card, 10*QSFP28 interface | |
| | NT-TCA-RTM-EXG24 | 10G RTM card, 24*SFP+ interface | |
| TCA Visibility Embedded software system | NT-TCA-SOFT-PKG | | Required |
