Visibility into application traffic has traditionally been important for infrastructure operations to maintain security, troubleshooting, and compliance mechanisms, and to perform resource planning. With the technological advances and growth in cloud-based applications, it has become imperative to gain increased visibility into the network traffic. Traditional approaches to gain visibility into network traffic are expensive and rigid, making it difficult to do in large-scale deployments.

Cisco Nexus Data Broker Embedded with Cisco Nexus Switches provides a software-defined, programmable solution to aggregate copies of network traffic using Switched Port Analyzer (SPAN) or network Test Access Points (TAP) for monitoring and visibility. As opposed to traditional network taps and monitoring solutions, this packet-brokering approach offers a simple, scalable and cost-effective solution that is well suited for customers who need to monitor higher-volume and business-critical traffic for efficient use of security, compliance, and application performance monitoring tools.

The Cisco Nexus Data Broker Embedded option provides the flexibility for you to run the Cisco Nexus Data Broker software directly on a Cisco Nexus 3000, 3100, 3200, 3500, or 9000 Series switch in a single-switch deployment. This is suitable for smaller, co-located facilities where customers need only a single Cisco Nexus 3000, 3100, 3200, 3500, or 9000 Series switch for TAP/SPAN aggregation, because it eliminates the requirement to have a separate virtual machine for the Cisco Nexus Data Broker application.

The Cisco Nexus Data Broker Embedded solution supports the following:

• Support for the OpenFlow mode or the NX-API mode of operation.

  Note

  The OpenFlow mode and the NX-API mode are supported on both Cisco Nexus 3000 Series and Cisco Nexus 9000 Series switches. Cisco Nexus 9500 supports only NX-API mode of deployment. Cisco Nexus 3500 supports only Openflow mode of deployment. You can enable only one mode, either OpenFlow or NX-API mode, at a time. In order to start or stop the Cisco Nexus Data Broker application in embedded mode, you should activate or de-activate the ofa file. Do not use ./runxnc.sh as it is not the right way to start the application.

  Note	Starting with Cisco Nexus 3000 Release 7.x, the NX-API configuration is supported on the following Cisco Nexus 3100 Series switches: Cisco Nexus 3172 switches Cisco Nexus 3132 switches Cisco Nexus 3164 switches Cisco Nexus 31128 switches Cisco Nexus 3232 switches Cisco Nexus 3264 switches

• Starting with Cisco Nexus Data Broker Release 3.x, Java 8 update is supported on Cisco Nexus Data Broker in embedded mode.

• Support for Layer-7 filtering for the HTTP traffic using the HTTP methods.

• Support for VLAN and MPLS tag stripping.

• The ability to aggregate traffic from multiple TAP or SPAN ports connected to a single switch.

• Support for Q-in-Q to tag input source TAP and SPAN ports.

• Symmetric hashing or symmetric load balancing.

• Rules for matching monitoring traffic based on Layer 1 through Layer 4 information.

• The ability to replicate and forward traffic to multiple monitoring tools.

• Timestamp tagging using the Precision Time Protocol.

• Packet truncation beyond a specified number of bytes to discard payload.

• Security features, such as role-based access control (RBAC), and integration with an external Active Directory using RADIUS or TACACS for authentication and authorization.

• End-to-end path visibility and both port and flow level statistics for troubleshooting.

• Robust Representational State Transfer (REST) API and web-based GUI for all functions.

See the Cisco Nexus Data Broker software release filename matrix for more information on the software images:

ndb1000-sw-app-emb-nxapi-3.0.0-k9.zip 
				  

ndb1000-sw-app-emb-3.0.0-ofa_
mmemb-1.1.5-r3-n3000-SPA-k9.zip

 ndb1000-sw-app-emb-3.0.0-ofa_
mmemb-2.1.4-r2-nxos-SPA-k9.zip