Cisco Nexus Data Broker Overview


About Cisco Nexus Data Broker

Visibility into application traffic has traditionally been important for infrastructure operations to maintain security, troubleshooting, and compliance, and to perform resource planning. With technological advances and the growth in cloud-based applications, it has become imperative to gain increased visibility into network traffic. Traditional approaches to gaining visibility into network traffic are expensive and rigid, which makes them difficult for managers of large-scale deployments.

Cisco Nexus Data Broker with Cisco Nexus Switches provides a software-defined, programmable solution to aggregate copies of network traffic using Switched Port Analyzer (SPAN) or network Test Access Point (TAP) for monitoring and visibility. As opposed to traditional network taps and monitoring solutions, this packet-brokering approach offers a simple, scalable and cost-effective solution that is well-suited for customers who need to monitor higher-volume and business-critical traffic for efficient use of security, compliance, and application performance monitoring tools.

The flexibility to use a variety of Cisco Nexus Switches, together with the ability to interconnect them to form a scalable topology, makes it possible to aggregate traffic from multiple input TAP or SPAN ports, and to replicate and forward traffic to multiple monitoring tools, which may be connected across different switches. By combining the Cisco plugin for OpenFlow and the Cisco NX-API agent to communicate with the switches, Cisco Nexus Data Broker provides advanced features for traffic management.

Cisco Nexus Data Broker provides management support for multiple disjointed Cisco Nexus Data Broker networks. You can manage multiple Cisco Nexus Data Broker topologies that may be disjointed using the same application instance. For example, if you have 5 data centers and want to deploy an independent Cisco Nexus Data Broker solution for each data center, you can manage all 5 independent deployments using a single application instance by creating a logical partition (network slice) for each monitoring network.

Cisco Nexus Data Broker provides the following:

  • A scalable topology for TAP and SPAN port aggregation.

  • Support for Q-in-Q to tag input source TAP and SPAN ports.

  • Symmetric load balancing.

  • Rules for matching monitoring traffic based on Layer 1 through Layer 4 information.

  • The ability to replicate and forward traffic to multiple monitoring tools.

  • Time stamping using Precision Time Protocol (PTP).

  • Packet truncation beyond a specified number of bytes to discard payload.

  • Reaction to changes in the TAP/SPAN aggregation network states.

  • Security features, such as role-based access control (RBAC), and integration with an external Active Directory using RADIUS or TACACS for authentication, authorization, and accounting (AAA) functions.

  • End-to-end path visibility, including both port and flow level statistics for troubleshooting.

  • Robust Representational State Transfer (REST) API and a web-based GUI for performing all functions.

  • Support for Cisco plugin for OpenFlow, version 1.0 and Cisco One Platform Kit (onePK), version 1.3.0.

  • Cisco Nexus Data Broker adds an NX-API plugin to support Cisco Nexus 9000 Series switches for TAP/SPAN aggregation. The NX-API supports JSON-RPC, XML, and JSON. Cisco Nexus Data Broker interacts with Cisco Nexus 9000 Series switches using the NX-API in JSON message formats.

With Cisco Nexus Data Broker, you can:

  • Classify Switched Port Analyzer (SPAN) and Test Access Point (TAP) ports.

  • Add monitoring devices to capture traffic.

  • Filter which traffic should be monitored.

  • Redirect packets from a single or multiple SPAN or TAP ports to multiple monitoring devices through delivery ports.

  • Restrict which users can view and modify the monitoring system.

  • Connect to the Cisco onePK agent and the Cisco NX-API agent, for which Cisco onePK devices and Cisco NX-API devices have been configured, respectively.

  • Configure these additional features, depending upon the type of switch:
    • Set VLAN ID on Cisco Nexus 3000 and 3100 Series switches.

    • Symmetric load balancing on Cisco Nexus 3100 Series switches and Cisco Nexus 9000 Series switches.

    • Q-in-Q on Cisco Nexus 3000 and 3100 Series switches.

    • Timestamp tagging and packet truncation on Cisco Nexus 3500 Series switches.

Supported Web Browsers

The following web browsers are supported for Cisco Nexus Data Broker:

  • Firefox 18.x and later versions

  • Chrome 24.x and later versions


Note: JavaScript 1.5 or a later version must be enabled in your browser.


Guidelines and Limitations

Cisco Nexus Data Broker runs in a Java Virtual Machine (JVM). As a Java-based application, Cisco Nexus Data Broker can run on any x86 server. For best results, we recommend the following:

  • One 8-core CPU at 2 GHz or higher.

  • A minimum of 16 GB of memory.

  • A minimum of 40 GB of free hard disk space must be available on the partition where you will be installing the Cisco Nexus Data Broker application.

  • A 64-bit Linux distribution with Java, such as the following:

    • Ubuntu Linux

    • Red Hat Enterprise (RHEL) Linux

    • Fedora Linux

  • Java Virtual Machine 1.8.0_45 and higher.

  • Python 2.7.3 or a later version, which is required for the backup and restore script.

  • A $JAVA_HOME environment variable in your profile that is set to the path of the JVM.

  • JConsole and VisualVM, both of which are part of the JDK, are recommended (but not required) additions for troubleshooting.
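
The following preflight script is an added example, not part of the Cisco documentation or the product. It checks a Linux host against the requirements listed above and compares version strings field by field, so that 1.8.0_301 is accepted and 1.8.0_31 is rejected against the 1.8.0_45 minimum. The function names, the `--run` switch, the reliance on `/proc/meminfo`, and treating any numerically later Python release as acceptable are assumptions of this example.

```shell
#!/bin/sh
# Added example: preflight check against the host requirements listed above.
MIN_JAVA=1.8.0_45; MIN_PYTHON=2.7.3; MIN_DISK_GB=40; MIN_MEM_GB=16; MIN_CORES=8

# version_ge HAVE WANT: succeed when HAVE >= WANT, compared field by field.
# "_" and "-" also separate fields, so 1.8.0_45 compares as 1.8.0.45.
version_ge() {
    have=$(printf '%s' "$1" | tr '_-' '..'); want=$(printf '%s' "$2" | tr '_-' '..')
    while [ -n "$have" ] || [ -n "$want" ]; do
        # Keep only the digits of the leading field; a missing field counts as 0.
        h=$(printf '%s' "${have%%.*}" | tr -cd '0-9'); h=${h:-0}
        w=$(printf '%s' "${want%%.*}" | tr -cd '0-9'); w=${w:-0}
        if [ "$h" -gt "$w" ]; then return 0; fi
        if [ "$h" -lt "$w" ]; then return 1; fi
        case $have in *.*) have=${have#*.} ;; *) have= ;; esac
        case $want in *.*) want=${want#*.} ;; *) want= ;; esac
    done
    return 0
}

# Extract the version string from `java -version` / `python --version` output.
java_version_from()   { printf '%s\n' "$1" | sed -n 's/.*version "\([^"]*\)".*/\1/p' | head -n 1; }
python_version_from() { printf '%s\n' "$1" | sed -n 's/^Python \([0-9][0-9.]*\).*/\1/p' | head -n 1; }

# Free space, in whole GB, on the partition that holds directory $1.
free_gb() { df -Pk "$1" | awk 'NR == 2 { print int($4 / 1048576) }'; }

# check LABEL COMMAND...: run COMMAND, print OK or FAIL, remember any failure.
check() {
    label=$1; shift
    if "$@"; then echo "OK    $label"; else echo "FAIL  $label"; rc=1; fi
}

preflight() {   # $1 = directory where the application will be installed
    dir=${1:-.}; rc=0
    jv=$(java_version_from "$(java -version 2>&1)")
    pv=$(python_version_from "$(python --version 2>&1)")
    mem_kb=$(awk '/^MemTotal:/ { print $2 }' /proc/meminfo)
    check "Java ${jv:-not found} >= $MIN_JAVA"     version_ge "${jv:-0}" "$MIN_JAVA"
    check "Python ${pv:-not found} >= $MIN_PYTHON" version_ge "${pv:-0}" "$MIN_PYTHON"
    check "JAVA_HOME points at a JVM"              test -x "${JAVA_HOME:-/nonexistent}/bin/java"
    check "$MIN_DISK_GB GB free under $dir"        test "$(free_gb "$dir")" -ge "$MIN_DISK_GB"
    check "$MIN_CORES CPU cores online"            test "$(getconf _NPROCESSORS_ONLN)" -ge "$MIN_CORES"
    check "$MIN_MEM_GB GB memory (rounded up)"     test $(( (mem_kb + 1048575) / 1048576 )) -ge "$MIN_MEM_GB"
    return $rc
}

# Run only on request, e.g.:  sh preflight.sh --run /opt/ndb   (path is hypothetical)
if [ "${1:-}" = "--run" ]; then preflight "${2:-.}"; fi
```

Memory is rounded up to whole gigabytes because the kernel reports slightly less than the installed amount in `MemTotal`.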