BradReese.Com Cisco vs. ZTE Price Quote Comparisons

Home About Repair Power Supplies Refurbished Blog Quick Links Site Map Contact Us

 
Mike Patterson speaks out
Learn more about Mike Patterson...
Archive
  Help

Aironet

Power Supplies

VoIP Gateways

Cisco Repair

Refurbished Cisco

Cisco CPQRGs

New Cisco

New HP ProCurve

Cisco Tools

Competitive Lab Tests

Tech Forums

How-to Tutorials

CCIE Gossip

Blogroll

  
View the archive of Mike Patterson speaks out

Subscribe to Bloggers speak out on BradReese.Com

Cisco NGA 3240 scaling up to the competition

To avoid the sampling issue which has crippled the growth of sFlow, some vendors have followed the nTop lead by allowing for a definable flow tuple.

Sanford, ME:   Mon, 10/14/13 - 5:05pm    View comments

CiscoEmulexThe NetFlow Generator Appliance (NGA) market is scaling up to meet the demands of high speed networks. Vendors such as Cisco, Emulex, NMON and nPulse are all claiming support for 10 Gig and higher speeds. Your NetFlow and IPFIX collector better be ready to scale up!

Software based NetFlow Probes

NMONnPulse TechnologiesBefore investing in an expensive NetFlow Generator Appliance, many companies start off by implementing a feature rich yet less scalable software solution such as the nProbe or YAF which allows them to get an idea of how they want to deploy probes. YAF makes no claims about being scalable into the gigabit speeds, but the nProbe line is available as an appliance called nBox.

What should be noted about these soft probes — especially the nProbe is that they offer richer details in their exports than the more expensive hardware appliances. They include elements such as round trip time, packet loss, URLs, jitter, codec, etc. Cisco exports many of these details from IOS, but not on the NGA 3240 platform.

Cisco NGA 3240

However, Cisco's taking their NetFlow Generator Appliance to the next level. Earlier this year Cisco announced the end of life on the NGA 3140 and the arrival of the NGA 3240 which is capable of exporting over 1 million flows per second.

  Port Count Flow Version Max Throughput
Cisco NGA 3240 4 NetFlow v5, v9 & IPFIX 32 Gbps
Emulex EndaceFlow 3040 4 NetFlow v5, v9 & IPFIX 30 Gbps
nBox-10G 4 NetFlow v5, v9 & IPFIX 20-40 Gbps
nPulse CPX 2+ NetFlow v9 20 Gbps

As shown above, most of these appliances include four 10 Gbps monitoring interfaces which allow them to collect traffic from more than one network device simultaneously. With flow exports from a single NGA exceeding 1 million flows per second, they can exceed what most single NetFlow collector appliances on the market can handle. To deal with this problem, the Cisco NGA provides a one 1 Gbps management port for NetFlow Data Export and can round robin the flow volume to as many as six collectors. For this reason, flow collector vendors like Plixer have designed their distributed NetFlow collection architecture to allow consumers to reach across dozens of collectors to generate a single report representing 100% of the original traffic.

Round Robin Flow Exports

To ease the burden on flow collectors, NetFlow packets being exported from the Cisco NGA can be rotated among the specified collectors according to the desired weighting. This may avoid overloading any one collector with too many exported records/minute. If on the other hand you wish every flow to be exported to all collectors, a multi-destination policy can be applied: A multi-destination policy can be applied

What about Flow Sampling?

To avoid the sampling issue which has crippled the growth of sFlow, some vendors have followed the nTop lead by allowing for a definable flow tuple. Cisco calls it Flexible Netflow. A definable tuple allows the consumer to specify which fields will be matched and collected in each flow record. For example, removing source and destination ports from the flow and adding layer 7 application can reduce the flow volume in some environments by as much as 90%.

Weigh NGA Features Carefully

To some NGA consumers capacity isn't the most important factor when making a purchase. Features like the ability to define the flow tuple and DPI capabilities that can provide layer 7 awareness are key differentiators depending on the needs of the business. With more web applications defaulting to a HTTPS connections, I believe SSL DPI could be a differentiator in the near future. So far, SonicWALL is the only vendor doing it and we expect more vendors to follow.

Mike Patterson's other blog stories:

Dell solves complex business problems

Enterasys Secure Networks

Mike Patterson speaks out

Systrax High-Impact Network Monitoring

TMCnet Advanced NetFlow Traffic Analysis

Join the NetFlow Developments Group on LinkedIn
 

What's your take?

Subscribe to Bloggers speak out on BradReese.Com

Favorite Blog Story Picks

  1. Insieme hardware-defined networking guru attacks former employer Nicira
  2. Competitive test: Aruba 10-times faster than Cisco Meraki
  3. Cisco CEO John Chambers celebrates $24 million payday
  4. Compare the new Cisco Nexus 3132Q vs. the new Cisco Nexus 3172PQ switches
  5. Cisco's open letter to the European Union, Parliament, Commission and Unified Patent Court
  6. Cisco nPower X1 NPU, CRS-X and network convergence system (NCS) questions with answers
  7. An embarrassed Cisco backtracks on CCIE Voice retirement
  8. You don't know NetFlow - Mike Patterson
  9. Aruba, Cisco and HP top 2013 Gartner Wired and Wireless LAN Magic Quadrant
  10. Extreme Enterasys will become the new E & E of networking
  11. Audio tape of Cisco's lawyer being humiliated in court
  12. For the first time in history the Cisco overseas headcount now outnumbers the U.S. headcount
  13. View Cisco's entire RMA global customer database online
  14. Unconfirmed rumor Cisco gave totally fake TelePresence demo to President George W. Bush
  15. Unconfirmed rumor: Belkin will guillotine Linksys staff in October
  16. National security behind new murder trial of former Cisco employee
  17. Cisco's now actively considering external candidates to replace CEO John Chambers
  18. Is the National Security Agency (NSA) killing innovation at Cisco?
  19. Cisco could own the SDN market
  20. View the archive of Bloggers speak out on BradReese.Com
 
comments powered by Disqus

CCIE available Metro DC

Supplement Cisco SMARTnet Contracts

 

©2013 BradReese.Com - Home - About - Repair - Power Supplies - Refurbished - Blog - Quick Links - Site Map - Contact Us