Cisco Nexus Data Broker

Cisco Nexus Data Broker Data Sheet

Product Overview

You used to monitor traffic mainly to manage network operations. Today, when you monitor traffic you can find out instantly what is happening throughout your entire data center. And you can use this information to immediately engage your customers and increase your business advantage. But you need the right data broker software.

Cisco Nexus® Data Broker provides the features that a modern solution needs.

Monitor Network Traffic to Gain Business Advantage

Every enterprise depends on the smooth running of its business applications and the underlying infrastructure. Visibility into application traffic has traditionally been important for infrastructure operations to maintain security, resolve problems, and perform resource planning. Now, however, as a result of technological advances and the ubiquity of the Internet, organizations increasingly are seeking not just visibility but real-time feedback about their business systems to more effectively engage their customers. Essentially, traffic monitoring is evolving from a tool to manage network operations to a tool for achieving smart business agility that can materially affect the revenue of the business.

Using Cisco Nexus Data Broker and Cisco Nexus switches, Cisco provides a new software-defined approach to aggregate copies of network traffic using network taps or Cisco® Switched Port Analyzer (SPAN) for monitoring and visibility. In contrast to traditional traffic monitoring solutions, this packet brokering approach offers a simple, scalable, and cost-effective solution well suited for customers who need to monitor higher-volume and business-critical traffic for efficient use of security, compliance, and application performance-monitoring tools.

Traditional approaches to network traffic visibility have used some form of high-density purpose-built matrix switch to which both the tap and SPAN input and the monitoring and analysis tools are connected. Figure 1 shows the traditional approach to network traffic monitoring.

Figure 1.      Traditional Approach to Network Traffic Visibility

 

The traditional approach poses three primary challenges:

  • The approach is too expensive to scale the view to meet today’s business requirements.
  • The purpose-built switches may offer only limited capability to interconnect to meet the needs of the data center architecture.
  • The purpose-built switches are statically programmed with predetermined filtering and forwarding rules, so they cannot act in an event-based way to provide traffic visibility in real time.

With Cisco Nexus Data Broker, you replace these matrix switches with one or more Cisco Nexus 3000 or 9000 Series Switches. The traffic is tapped into this bank of switches in the same manner as in a matrix network. However, with Cisco Nexus Data Broker, you can interconnect the Cisco Nexus switches to build a scalable tap and SPAN aggregation infrastructure. You can use a combination of tap and SPAN sources to bring the copy of the production traffic to this aggregation infrastructure. You also can distribute these tap and SPAN sources and traffic monitoring and analysis tools across multiple Cisco Nexus switches. The monitoring and analysis tools can be physical appliance based or virtual machine based. Figure 2 shows the centralized deployment architecture using Cisco Nexus Data Broker.

Figure 2.      Cisco Nexus Data Broker Solution for Network Traffic Visibility

 

Using Cisco Nexus 9500 platform switches, customers can build a high-density 10-, 40-, and even 100-Gbps tap and SPAN aggregation infrastructure. Also, Cisco Nexus switches used for tap and SPAN aggregation support hybrid mode, which allows you to use the same switch for production traffic and for tap and SPAN aggregation.

With these features, the Cisco approach provides superior economics, saving both capital expenditures (CapEx) and operating expenses (OpEx) when compared to the traditional matrix network approach. The Cisco approach also helps ensure short response times and full coverage as monitoring needs scale.

Features and Benefits of Cisco Nexus Data Broker

Table 1 summarizes the main features and benefits of Cisco Nexus Data Broker.

Table 1.       Main Features and Benefits

| Feature | Benefit |
| --- | --- |
| Supported topology for tap and SPAN aggregation network | Cisco Nexus Data Broker software discovers the Cisco Nexus switches and associated topology for tap and SPAN aggregation. The software allows you to configure ports as monitoring tool ports or input tap and SPAN ports. You can set end-device names for easy identification in the topology. |
| Support for IEEE 802.1ad QinQ to tag input source tap and SPAN port | You can tag traffic with a VLAN for each input tap or SPAN port. QinQ support in edge tap and SPAN ports allows you to uniquely identify the source of traffic and preserve production VLAN information. |
| Symmetric hashing or symmetric load balancing* | You can configure hashing based on Layer 3 (IP address) or Layer 3 plus Layer 4 (protocol ports) to load balance the traffic across a PortChannel link. You can spread the traffic across multiple tool instances to support high traffic volume. |
| Rules for matching monitored traffic | You can match traffic based on Layer 1 through Layer 4 criteria. You can configure the software to send only the required traffic to the monitoring tools without flooding the tools with unnecessary traffic. You can configure an action to set the VLAN ID for the matched traffic. |
| Traffic replication and forwarding | You can configure the software to aggregate traffic from multiple input tap and SPAN ports that can be spread across multiple Cisco Nexus switches. You can replicate and forward traffic to multiple monitoring tools that can be connected across multiple Cisco Nexus switches. This solution is the only one that supports any-to-many forwarding across a topology. |
| Time stamping** | You can time-stamp a packet at ingress using the Precision Time Protocol (PTP; IEEE 1588), thereby providing nanosecond accuracy. You can use this capability to monitor critical transactions and archive data for regulatory compliance and advanced troubleshooting. |
| Packet truncation** | You can configure the software to truncate a packet beyond a specified number of bytes. The minimum packet size is 64 bytes. You can retain only the header for analysis and troubleshooting. You can configure the software to discard the payload for security or compliance reasons. |
| Response to changes in the tap and SPAN aggregation network states | You can monitor and keep track of network condition changes. You can configure the software to respond to link or node failures by automatically reprogramming the flows through an alternative path. |
| End-to-end path visibility | For each traffic-forwarding rule, the solution provides complete end-to-end path visibility all the way from source ports to the monitoring tools, including the path through the network. |
| Management for multiple disjointed monitoring networks | You can manage multiple independent traffic monitoring networks, which may be disjointed, using the same Cisco Nexus Data Broker instance. For example, if you have five data centers and you want to deploy an independent monitoring network for each data center, you can manage all five independent deployments using a single data broker instance by creating a logical partition (network slice) for each monitoring network. |
| Role-based access control (RBAC) | Application access can be integrated with the organization’s authentication, authorization, and accounting (AAA) server for both authentication and authorization. You can create port groups and associate them with specific user roles. You can assign users to specific roles and port groups. Users can manage only those ports to which they are assigned. |

* Feature supported on Cisco Nexus 3100 platform and Cisco Nexus 9000 Series.
** Feature supported only on Cisco Nexus 3500 Series.

You can access the Cisco Nexus Data Broker application through the web-based GUI or the Representational State Transfer (REST) API. Figures 3 and 4 show the GUI and REST API access mechanisms, respectively, to connect to the data broker.

Figure 3.      Cisco Nexus Data Broker Application GUI Access Mechanism

Figure 4.      Cisco Nexus Data Broker Application REST API Access Mechanism

Hybrid Mode Support

Cisco Nexus switches support hybrid mode, which allows you to allocate certain ports for tap and SPAN aggregation that Cisco Nexus Data Broker controls, with the remaining ports as normal ports controlled by the local control plane (Figure 5). Normal ports can carry the regular production traffic. The data broker application sees only the ports that are allocated for tap or SPAN aggregation.

Figure 5.      Cisco Nexus Data Broker with Hybrid Mode

Additional features include:

  • Flexibility in assigning monitoring ports depending on the network requirements
  • Capability to increase the number of monitoring ports depending on traffic requirements without having to disrupt production traffic

Cisco Nexus Data Broker Embedded

If you want to run Cisco Nexus Data Broker using a single Cisco Nexus 3000 Series Switch in your topology, you can run the data broker software on the switch itself using the Embedded function (Figure 6). Cisco Nexus Data Broker Embedded is provided as an open virtual appliance (OVA) that you can deploy in the Linux container of the Cisco Nexus switch. After you download this OVA file to the switch, you must activate it, and by default Cisco Nexus Data Broker uses the management interface IP address of the Cisco Nexus switch. All features of the data broker application are also available with this option except:

  • Clustering and high availability
  • Management for multiple switches in the network topology

Figure 6.      Cisco Nexus Data Broker Embedded

Device Support Matrix for Cisco Nexus Data Broker

Table 2 lists the supported Cisco Nexus Data Broker software for the various Cisco Nexus switches.

Table 2.       Cisco Nexus Data Broker Application Device Support Matrix

| Device Model | Cisco Nexus Data Broker Software | Deployment Mode Supported |
| --- | --- | --- |
| Cisco Nexus 3000 series | All Cisco Nexus Data Broker releases | Centralized and Embedded |
| Cisco Nexus 3100 platform | All Cisco Nexus Data Broker releases | Centralized and Embedded |
| Cisco Nexus 3500 series | Cisco Nexus Data Broker 2.0 and later | Centralized and Embedded |
| Cisco Nexus 9300 platform | Cisco Nexus Data Broker 2.1 | Centralized only |
| Cisco Nexus 9500 platform | Cisco Nexus Data Broker 2.1 | Centralized only |

Licensing and Ordering Information

Table 3 provides ordering information for Cisco Nexus Data Broker.

Table 3.       Cisco Nexus Data Broker Software Ordering Information

| Part Number | Description |
| --- | --- |
| L-NDB-FX-SWT-K9= | Cisco Nexus Data Broker License for using single Cisco Nexus Fixed Switch in tap/SPAN aggregation mode |
| L-NDB-MODM-SWT-K9= | Cisco Nexus Data Broker License for using single Cisco Nexus Modular Chassis (Up to 6 slots) Switch in tap/SPAN aggregation mode (Cisco Nexus 9504 switch) |
| L-NDB-MODL-SWT-K9= | Cisco Nexus Data Broker License for using single Cisco Nexus Modular Chassis (> 6 slots) Switch in tap/SPAN aggregation mode (Cisco Nexus 9508 and Cisco Nexus 9516 switches) |

For More Information

For more information about Cisco Nexus Data Broker, please visit http://www.cisco.com/go/nexusdatabroker or contact your local Cisco account representative.