Network Critical Smart Network Access System for TAPs and Spans Support Aggregation and Filtering

Starting with a standard high quality breakout TAP Network Critical has advanced the product line to meet the demand for aggregating and filtering to effectively monitor VoiP, IMS, VoIP, TVoIP and other multi-media protocols that involve the need to TAP several segments to capture signaling and call controller messages along with the call data.

A single TAP in a standalone housing can be used to aggregate transmit and receive streams to a monitoring tool, convert the interfaces, and regenerate packets to a second monitoring tool. This same "TAP" can take in two spans and perform the same functions. Amazing for a device that can cost you less than $1,000.00 (if you attend a 1/2 webex for a Discount Voucher and when you buy from OASYS) click on link below.

For larger deployments Network Critical offers a 1U chassis with 4 slots that can take that same TAP and three more creating a matrix switch with aggregation and filtering capabilities across the all ports connected. The chassis is controlled through an ethernet port on a management module that can also be used as a stacking port or another monitoring/tool port. This makes a loaded 1U system capable of 17 ports configurable with different interfaces and to operate as TAPs, Span, Tool, Aggregate, and/or Filtering and regeneration of desired packet flows. Compare this system to the matrix switch companies that are trying to get a handle on aggregation and filtering and you will be pleasantly surprised at the price performance of Smart NA. The largest current chassis is a 2 U and will support up to 48 ports. All the above is controlled from either a CLI serial connection or via the imbedded Web GUI. Extensive security features for access and logging are built-in so you won't get another charge to manage your network access system.

For 10Gbps Network Critical currently offers a 2 port device that can act as a breakout TAP or aggregating TAP with filtering. Additionally, there are 2 1Gbps output ports that can be configured to send your tools just what they need to see. A common application is for MSO's or Carriers to TAP a 10Gpbs link, aggregate or breakout the 10Gbps to other appliance or tools, and regenerate just the VoiP packets out to the 1Gbps ports for voice quality monitoring. This powerful device doesn't stop there but also provides statistical output on a third 1Gbps port that is also used as the management port. Ideal solution for CALEA, Enterprise monitoring and packet slicing or filtering  from a 10Gbps segment to feed 1Gbps tools. 

To sign up for an informative 1/2 hour session and then recieve a Discount Voucher please go to  http://www.oasyscorp.com/networkcritical.html  . You’ll also find additional information on the entire Network Critical product line.

Network Management: How can I go forward when I don't know which way I'm facing? -John Lennon

With the financial downturn I'm seeing that our successful clients are spending to enhancing their management structure to move forward and squeeze every advantage they can out of their IT investment. The companies that are in trouble are holding back on new purchases that have very short ROI's.  I read a great article from the Gartner Group written by John Clark that was posted to the LinkedIn American ITIL Group. 

http://mediaproducts.gartner.com/gc/webletter/metastorm/vol2/issue4/metastorm2.html and will be sending the link to many of our troubled accounts.

Putting my money where my mouth is: After reading the article I contacted Jeff Birschtein at ColumnIT to sign myself and Matt up for the V3 training in NYC. The successful clients we are meeting with all talk about ITIL and processes that are working. So to better serve our customer base and be more in tune with the ITIL certified client we are spending the money to move forward and enhance our own operations. If you haven't seen this befor start at:
http://www.itil.org/en/
and on Linkedin join the American ITIL Group - see you there

Stonesoft is made to order for companies that use ITIL Good Management Practices

SIGNUP FOR THE Recorded Session of Stonesoft <-> ITIL V3 Alignment

June 23rd, 2009 at 11AM to 12PM EST We are running a FREE Web Seminar with Stonesoft aligning StoneGate's (Unified Threat Management System) Firewall/VPN, IPS, Virtual FW+IPS, and Centralized Management Solution to ITIL V3 Practices. We will be identifying "10 Quick Wins for ITIL V3" when implementing Stonesoft's Solution.

Go to REGISTER to sign up to view the On-Demand recorded session of Stonesoft with OASYS and ITIL V3 "10 Quick Wins" Free Seminar.

________________________________________________________________________________

The process of aligning your IT to meet your business objectives is a daunting, although has become a necessary endeavor. Business owners want to maximize all the resources and investment in IT to meet the objective and have visibility into the effectiveness of the investment. ITIL is a best practices management approach and defines Services, Processes, and Roles that are organized in a comprehensive framework to enable Continual Service Improvement.

Security of information and its maintenance is of utmost concern and affects everyone.  Every Service and Process owner needs to implement and monitor security relative to their roles.

 Stonesoft has created a product offering that addresses easing the management of IT security across the physical and virtual planes. Through a unified approach that includes Firewalls, Intrusion Protection Systems, Link Load Balancing, Server Load Balancing has been designed as a single Integrated Threat Management system. All this is managed from the StoneGate Management Center satisfying many ITIL practices.

The IT Service Management (ITSM)  key task of fitting security into the management organization is addressed by features of the unified Stonesoft solution.

Security Requirements are specified in underpinning contracts, legislation and possible internal or external imposed policies and the Business Policies. Streamlining and implementing of security policies, monitoring compliance, managing incidents, and the change management process is the driving force behind the design. The hardware and software architecture is targeted at satisfying many of the ITIL principals.

Stonesoft appliances can be clustered into groups of up to 16 units for the purpose of management. These appliances report to and are controlled from the StoneGate Management Center (SMC). Information is correlated between all devices to continually confirm policy enforcement. When planning and building your infrastructure and installing Firewalls, IPS’s, Link and Server Load Balancers the designers are faced with the task of multiple management systems and interfacing security for the element at each stage.

With a unified Stonesoft solution planning and implementing is done in a phased approach. Turnkey Services from Stonesoft allow existing systems to continue to operate and these systems are monitored by StoneGate Management Center through a Transition Lifecycle into operation.

Key Performance Indicators (KPI’s) are made available through an evaluation when the Stonesoft appliances are in “learn mode”. Once active the KPI’s are continually reported to the SMC. The SLA’s for Firewall VPN, IPS, Link Load Balancer, Server Load Balancer are all monitored from a single location and correlated for departmental or enterprise wide monitoring.

Consider the replacement of older or homegrown Firewalls. Once Stonesoft Firewalls are in place a phased approach to replacing Server Load Balancers may be the next improvement since Stonesoft will provide SSL inspection of encrypted traffic.  This migration can be controlled from the StoneGate Management Center . The product can purchased to effectively replace any of the five appliances and later upgraded to replace the remaining four.

Reports are generated throughout the processes to confirm desired outcomes. Logs of all activity, alerts, performance, incidents, and system health are archived in a consistent manner and are always accessible. Service Managers and Process Owners have a clear picture of security relative to their role without the task of manually collecting and correlating multiple logs and reports from several elements.

Audit reporting, system upgrades, compliance, incident control, and capacity monitoring is streamlined from several management systems to one StoneGate Management Center. There are less individual SLA’s to manage, less individual appliances, lower the cost of management, and simplification of several complex operations.

 

Here’s a quote from Denys Foley at Xerox that summarizes the advantages of Stonesoft…

Based on Xerox's return-on-investment calculations, the Stonesoft firewalls paid for themselves in just over a year when used only as firewalls. But when adding their VPN, content switching and multi-link WAN load-balancing capabilities -- which were not considered when the gear was bought -- the devices have generated more savings, according to Denys Foley, the infrastructure manager for Xerox Global Services in Rochester, N.Y.

"We spend less time setting up VPNs and their policies," he says. "I have also taken my content switches out of the Web farm, and I let the firewalls handle distributing the load among Web servers. I get rid of licenses and training, and I can manage all [these functions] from one console."

OASYS is a source for CALEA approved hardware and software.

 

Face it we are in dynamic times. 10Gbps, new protocols, and federal requirements. Through the years OASYS has provided our clients with solutions to satisfy court order requirements for legal intercept required by FCC/LEA (Law Enforcement Act 1994). From the days of Carnivore we grew with the requirements.

Let's take it from the wire:
A. To get at individual or streams or a target’s data on 1Gbps and 10Gbps shared links it is necessary to filter down to a target (i.e. IP address or set of addresses). The recording tools are often not up to the task of capturing all the packets when stressed to sustained high utilization of 600Mbps or more. Gigamon and others manufacture appliances that can be configured to only pass packets based on your filter. Ok so we got the target stream to just that target.

B. Now the recording tool has to have the ability to capture and store that data in a protected fashion to maintain a legally useful Chain of Evidence. Some manufacturers provide a federally approved software component to accommodate this application. WildPackets is our partner and they are above the other as they have been with this application from the beginning and provide a complete recording tool call the OmniEngine which can be offered as a complete appliance or you can build your own with applicable hardware and storage.  We will build to suit on IBM and HP servers. A few clients have requested connections to existing SAN's and we have provided HBA controllers to support this. WildPackets also provides high performance Gigabit and 10Gbit Analyzer cards with GPS packet time stamping to insure accuracy and no packet loss.

C. Storage can become an issue so in a few cases we have built the entire system - from the wire to the taps to the aggregating and filtering appliance that feeds the recorder. With multiple targets being captured at the same time storage becomes an issue where the internal multiple TB system needs to off load to a SAN's. To keep maintenance and support streamlined we work as a Business Partner with IBM to accommodate all the hardware and support for the platform.

D. Pulling it all together. Early on in the process many broadband providers outsourced to Trusted Third Parties or owned a few systems that would be deployed when required by DOJ orders. As requirements grew with technology changes and requirements became more specific broadband providers installed collectors through out the network. Prices for hardware and software have fallen and money has been made available to assist in becoming a compliant carrier. We are involved in upgrades to earlier systems that lived on a plane and are no longer capable of keeping up or supporting new protocols like VoiP.

Anyone interested in what is new and required can contact Chris Johnson at chrisj@oasyscorp.com for more information or questions on what you can do about VoiP requirements and the many protocols you will encounter.

What is the best way to setup our blog and webpage to be found?

So far we see that TypePad recommends Tecnorati. We have also submitted to Google and have our webpage linking here. I know I will need to contact other relative blogs to interface but for now I was wondering if anyone can provide a quick check list? I guess the preflight check list will never leave me.

I just noticed that if I sign up with Technorati I will move up the que.

OK, I configured Trackback to technorati, and I see that I can embed code or get a widget - I've become widget crazy. I've gotta learn SSI and get my new version of CS4 loaded.
Now, I see below Technorati Tags - go'n to Help..
I'm getting there. I'll put in something like typepad, configuring Technorati, weblogs, tags
I imagine there are popular tags and a list somewhere...http://technorati.com/tag shows the top 100 and I guess this is another job to put in something that will get tags from posts..
Excepts? Just thru in a sentence from above.
Keywords? Looks like I can enter them here or later use a metatag for a category...I'm still crawling b4 I walk.

Analyzers aren't just for packets anymore.

Application profiling, re-threading, and one way latency is making these tools dangerous to bad networks.

Expand Networks is solving the slow down in the virtualized data centers.

New software and hardware from Expand is once again getting the data flowing and keeping those MPLS costs to a minimum.

Gigamon GigaVue is ready for those that held off for higher 10Gbps density.

Shipping since December, the GigaVue 2404 is saving the day in this tight economy with low per port pricing. There was also a press release on the company getting patents.

Netcordia NetMRI version 3 is out with alot of enhancements.

Based on configuration files we are getting closer to really keeping up with changes and conformance in these worldwide enterprises.

OpNet has released a new NetMapper program to facilitate quick visios.

The NetMapper docs say that it will go out and discover the nework elements, call up the visio item and draw a near realtime map of the network.

IT Service Management Check List

I was thinking of a check list of how to approach IT Service Management with emphasis on where OASYS can provide solutions. The first thing is to know where we are so we can measure the changes.
(After stating the Business' Objectives of what they do to make money - or operate and provide IT services)

 1. Get an inventory of hardware and applications and a near real time network map!
That last one seems to be a major problem in most organizations. I'm guessing 2 maps - one logical for applications and one showing a topology that can be drilled down.