The Second Wave of Packet Broker Disaggregation
Monitoring Service Assurance, Cybersecurity and Packet Flow Management
In a recent blog, I discussed how a product that NETSCOUT introduced in June 2017, the nGenius® 5000 series Packet Flow Systems (PFS), is disrupting the packet broker market. In contrast to a typical vendor-locked packet broker, the nGenius 5000 series packet flow switch disaggregates the software from the hardware and provides either an integrated appliance or software that runs on commodity hardware. I will use this blog to explain how NETSCOUT’s recently announced nGenius Packet Flow eXtender (PFX) leverages the evolving X86 server architecture to create the second wave of packet broker disaggregation.
Most people recognize that the price/performance of X86-based servers has improved dramatically over the last several decades, due to both per-core performance improvements and the growth in the number of cores per server. Software that fully leverages the multicore X86 architecture will continue to benefit from a new generation of price/performance improvements in X86-based servers.
The recently announced PFX is a software product that runs on the NETSCOUT InfiniStreamNG™ (ISNG) platform. As such, PFX fits in nicely with the megatrend in the IT industry towards more software-based products. As part of the nGenius Packet Flow Systems portfolio from NETSCOUT, the PFX software integrates with the nGenius packet flow switches to form a flexible, yet full-featured visibility network. The switches enable the base packet broker functionality, while PFX is designed for advanced-level packet conditioning. As such, one can deploy PFX capabilities at any point on the visibility network, with PFS devices as its backbone—organized in a dynamic, self-healing mesh. One of the benefits of such a mesh is that it shares the load across multiple devices which increases both the scalability and the availability of the solution.
As noted, one benefit that comes from leveraging the X86 multicore architecture is that it results in a significantly lower price point. According to NETSCOUT, the cost of the overall solution, combining base (PFS switches) and advanced (PFX software) capabilities, is roughly 50 percent of the cost of comparative vendor-locked systems. Another benefit is that the PFX that was recently announced has the processing power to support a number of advanced packet processing features, including:
- NetFlow generation, e.g. v5, v9 and IPFIX
- IP tunnel termination
- Header stripping
While supporting the features listed above is important, when enterprise IT organizations adopt a monitoring solution, they want that solution to be effective for an extended period of time. Because it leverages the multicore X86 architecture and its ongoing price/performance improvements, PFX will have the processing power that is necessary to support additional packet processing functionality well into the future. Development cycles should also be considerably shorter vs those that need to accommodate custom hardware.
I am intrigued by the monitoring possibilities that NETSCOUT could bring by combining its service assurance, cybersecurity, and packet flow management capabilities into a single architecture. Lots to watch for in this space.
~ Dr. Jim Metzler, Managing Partner, Ashton Metzler