NETSCOUT nGenius packet flow switches optimize the flow of traffic from the network to the security systems and monitoring tools. These appliances collect and organize packet flows—creating a unified packet plane that logically separates the network layer from the tool layer. Our customers use packet flow switches to optimize and scale out both their service assurance platform and cyber security deployments, so that they can spend less time in adding, testing and managing their tools.

Learn more about key needs and criteria to progress your security posture. Download the 10 QUESTIONS TO ASK YOUR SECURITY VISIBILITY VENDOR solution brief and find out how you can accelerate your security infrastructure.

Passive and Active Security

The NETSCOUT packet flow switch technology helps you create a pervasive defense architecture against a broad range of attacks. The nGenius packet flow switches provide critical visibility to combinations of security solutions like active inline network analysis and passive, out-of-band network forensics appliances as well as active payload analysis offerings.

Active Inline Aggregation

The NETSCOUT nGenius packet flow switches support active inline monitoring by both dual-port and single-port tools with either copper or fiber media type. Traditional active inline solutions typically only provide one-to-one network-to-tool mapping. With nGenius, inline network segment to inline tool relationship may be one-to-one, one-to-many, many-to-one, or many-to-many. Multiple network segments can be aggregated to one or more inline tools. Flow-aware load balancing and speed conversion ensures smooth and clean traffic distribution.

Packet flow switches from NETSCOUT enable deployment of an inline security infrastructure in a virtual chain, rather than cabling each system into a physical configuration. The key advantage of this approach is the 50% reduction of ports needed and the elimination of complex physical cabling configurations. At the same time, each device gets exactly the traffic it requires, at the speed and in the form that it is designed to accommodate, improving monitoring efficiency.


PowerSafe enables you to enforce your organization's specific security policies in the event of power loss. Behavior can be either Fail-Open, which allows the network traffic to flow back to the network unmonitored, or Fail-Closed, which blocks the network traffic from continuing to flow unmonitored. Additionally, PowerSafe can be controlled on demand through manual configuration during operation of the system, such as when investigating active inline tool issues that might be affecting network traffic availability or performing tool maintenance updates.

Custom Tool Health Checks

The nGenius packet flow switches perform an application health check, a full diagnostic with both "negative" and "positive" health checks. Positive health check packets test out the hardware state of the active monitoring tool, ensuring that it is powered and linked. Negative health check packets verify the software state of the active tool, ensuring that it is processing the live traffic, blocking applicable packets, and protecting the network. The nGenius product family extends health check capabilities even further by allowing users to customize health checks for their active tools.

Self-organizing Architecture

In contrast with other approaches that are either unreliable, too expensive or difficult to maintain, the nGenius packet flow switches provide self-organizing architecture, with a redundant, self-healing mesh topology over LAN enabled by its vMesh technology. No user intervention is required once the connections are set up in the software.

Hybrid Port Mapping

As security systems evolve and begin to perform more functions, such as combining firewall and IPS functionality in one system, providing the right traffic to these devices can be a challenge. Whereas before a security system was dedicated to either active and passive inspection, some of today’s security systems fuse these functions in one single device which needs to receive both active and passive traffic. The nGenius packet flow switches do exactly that: they deliver both types of traffic on the same port to the security system that needs it. This functionality eases the migration from passive to active security, enabling a single security system to be used for both deployment scenarios.


The packet flow switch architecture enables a unified packet plane that scales and operates dynamically, regardless of infrastructure modifications or changes in the source of network traffic. With the nGenius packet flow switches from NETSCOUT, enterprise security systems can be physically anywhere and logically everywhere. nGenius provides critical visibility to combinations of security solutions, such as inline network protection and passive out-of-band intrusion detection appliances, as well as active payload analysis offerings. Visibility architecture, based on packet flow switches from NETSCOUT, increase reliability and simplify scaling of active security infrastructure. If any active inline security applications fail, they may be bypassed or traffic can be sent to another system.

nGenius 2200 seriesnGenius 4200 series


Hardware-accelerated packet optimization and active tool chaining deliver advanced packet flow switching for 10G networks. Modular chassis provides up to 24 10GigE/1GigE ports. LEARN MOREHardware-accelerated packet optimization for service assurance and security systems on 40G networks. Modular chassis provides up to 64 10GigE/1GigE ports or 16 40GigE ports. LEARN MORE