Eight halls. 65,000 attendees. Water cannons. Android everywhere. Apple not there.   

That about sums up MWC 2012 in Barcelona. It's a huge event with hundreds of exhibitors spread over the eight halls located at Fira Montjuic in the heart of Barcelona. The 65,000 attendees is clear proof that the mobile market is where a lot of organizations are investing dollars ­ from engineering to architecture, and from applications to services. It is also clear that this market is in a state of major and rapid evolution as global demands for mobility span both the professional and personal aspects of our lives.

We've been serving this market around the globes since inception of the company and­ in fact some of the first customers of Gigamon were Service Providers. We decided that it was time to have a clear presence at this notable event and hence we had a booth in hall A of the event. We were highlighting solutions to help Service Providers address three major aspects of their infrastructure: 

• the scalability and manageability in the world of 4G data
• monitoring and maintaining the voice service quality in both 3G and 4G worlds
• the drive to virtualize the back end provisioning and billing environments.

Combine those core monitoring and management needs with the need to create new and compelling application-based service offerings in the near future, mobile service providers were looking for new, innovative and valuable approaches, hence the interest in the Gigamon show presence.

Android devices were everywhere as was a large development presence to drive more applications and solutions onto their platform. At the same time, Apple product was everywhere, but the organization wasn't present. However, that¹s a well discussed topic, so no need to dwell on it here.

 

 

And, the water cannons. They were outside the event when the local students decided to grab the opportunity to protest and gain additional attention during MWC. Their demonstration resulted in minimal disruption at the event, and represented a good excuse to grab a drink at one of the street side cafés while the traffic died down that evening.

Looking forward to seeing you at the Asia Mobile World Congress in June in Shanghai.

The network continues to accelerate. Where one 1Gb was sufficient, 10Gb is now required, which means that where 10Gb was appropriate, 40Gb or 100Gb is demanded. Are we fast approaching a 1Tb Ethernet connection? Possibly, but with the recent demonstration by Cisco of 40Gb and 100Gb interfaces on their Nexus product at the CiscoLive event in London, it’s clear that we enter a new phase of performance for the Ethernet world.

We were a Gold sponsor of the event this year (we also sponsor other CiscoLive events in Vegas and Acapulco) as they represent a great opportunity to engage with Cisco networkers who are on the front line of the network world. They are enabling and enhancing infrastructure to support increasing volumes of network traffic that is accessed from work, home, or on the move with mobile devices. We also took this opportunity to sponsor the backpacks (or “rucksacks” in Queen’s English) that were received by all attendees of the event. Seeing our logo around the ICC ExCel center, on public transport and even across Heathrow over the following weekend, is one more affirmation that Gigamon is undeniably an enduring fixture within the Cisco user and partner community.

During our trip to Cisco Live, we not only got the chance to meet with Cisco users, but we were also able to build new relationships and strengthen existing ones with technology partners and top IT solution providers and resellers. With these relationships, Gigamon and our partners are able to continuously enhance the development and delivery of our offerings to customers.

We used the show as a launch venue for two new products that continue to demonstrate our market leadership. The GigaVUE-TA1 (where “TA” stands for Traffic Aggregator) is purpose-built to aggregate traffic from low-utilization 10Gb links into higher utilization 10Gb or 40Gb “gateway” connections into our Visibility Fabric. We also announced the GigaPORT-Q02X32, a further addition to our portfolio of H Series line-cards, that offer a full 320Gb of connectivity in a single chassis slot through 24 ports of 10Gb and 2 ports of 40Gb. The launch of these two new products combine to create a powerful aggregation solution delivering 40G connectivity in preparation for the next upgrade cycle and higher-speed monitoring tools.

See you at RSA in San Francisco or Mobile World Congress in late February!

 

The volume of traffic is growing exponentially on networks both large and small on every continent around the world. Responding to this growth, network data-rates have been increasing in order of magnitude from 100/1000Mbps to 10/40Gbps and will be breaching the 100Gbps threshold within the next 18 to 24 months. The increasing raw performance of the network coupled with the wide spread adoption of converged, next generation networks carrying voice, video, and data are all enabling a proliferation of devices and network end-points.  At the same time, and amplifying the complexity of IT professionals, is a user-workforce that is significantly mobile which demands additional infrastructure to maintain and enhance the inter-departmental and inter-organizational communications.

Ensuring the health of a network is paramount to enable organizational revenue generation, sustain and enhance the customer experience, to protect confidential information, to secure intellectual property, and to allow the organization to maintain compliance to appropriate standards. Monitoring the network, and specifically the traffic on the network, for malware, network attacks, performance, and internal theft has become paramount for IT teams around the globe. In an effort to address this objective, IT professionals deploy numerous monitoring and security appliances to specifically address these individual requirements. However,  these monitoring systems are only as effective as the information and traffic that they can see. Limit visibility to the traffic, and the value of these systems is equally limited. Therefore, to effectively deliver pervasive insight, the monitoring, management and security systems that IT deploys, demands visibility to traffic at every network segment.

Not an easy challenge to address.

However, IT teams are turning to a new approach – the Traffic Visibility Fabric – that delivers pervasive insight while also ensuring that monitoring and security devices see only the traffic and packets that are appropriate and required by intelligent filtering of the traffic flows in the Fabric prior to the monitoring appliances receiving the packets.

There were two primary methods for filtering traffic in the network - at ingress and egress of the switch deployed to provide visibility to the traffic. Inherent downfalls exist in both approaches. Connection-based filtering on the ingress can only forward one protocol at-a-time as it eliminates all other traffic at the point of entry. For example, when a VoIP recorder is the desired destination, only VoIP packets can be delivered by the filter; all other packets are dropped or ignored.  Similar problems occur when filtering on the egress ports.  Since no filtering takes place until the traffic is sent across the switch architecture, oversubscription can result if the sum of all ingress traffic exceeds the performance of the egress port.  The excess packets will be dropped randomly before ever reaching the monitoring tool. Alternatively, rule-based filtering can quickly become unmanageable. As the number of ingress points increases so does the rule and configuration complexity. Changes become very complex - if not impossible - because each connection rule and the associated decision logic is created separately. Furthermore due to the nature of switch ‘rule processing logic’ and as ingress or egress flows increase, new connection rules need to be added manually and usually cannot be added to existing rules.

With all these challenges, a new approach was required and therefore we started from scratch and developed a technology called “Flow Mapping®”. Flow Mapping is combination of both software logic and algorithms in combination with purpose built hardware platforms that perform traffic pattern matching to fully configurable rules and ‘Boolean’ logic. Enabled by Flow Mapping, IT network, management and security teams can specifically select traffic to forward, to specifically define one or many destinations for the traffic and whether the traffic should be manipulated in route. By deploying Flow Mapping, users can include or exclude traffic based on many criteria including, MAC addresses, IPv4/IPv6 source and destination addresses, application port numbers, ethertypes, VLAN IDs, protocols, and many more.  

With Flow Mapping installed within the visibility fabric, each monitoring and security tool receives only the information that best suits its individual strengths and nothing else. Traffic arriving at a single ingress network port can be sent to multiple destination tool ports to overcome tool port oversubscription when the aggregate ingress traffic exceeds the capacity of a single egress port & monitoring tool.  If two 1Gbps ingress ports are sending traffic to a single 1Gbps monitoring tool, there are likely to be situations where the tool port would become oversubscribed and drop packets. This can be addressed with Flow Mapping by removing irrelevant parts of the data stream that are not required by a specialized tool. For example, there is no value for a Web Performance Monitor to receive SMTP, SNMP, or UDA traffic. This capability will free up processing cycles and capacity on various monitoring tools as they no longer face higher volumes of traffic. Modifications to Flow Mapping logic can be applied to all ingress ports, to a subset or a single port, so that change can be made rapidly and pervasively across a complete Visibility Fabric if required.

2012 is almost here and it promises to continue the 'techno-social' revolution that started a few years back. This revolution is changing our lives at home and in the office; it is blurring the line between our personal and our business lives, and it is changing the way IT services will be delivered in enterprises and service providers around the globe, forever. 

A few years ago we were all hearing about a new model – the model of "IT as a utility". This represented an approach to deliver IT services in the same way as we consider electricity or plumbing a utility. Many in the IT industry looked with some doubt at the new model and with good cause – this utility based model would change the way we deploy, manage, account and audit the services, platforms and technologies that we deploy to serve our user communities. But the doubt (and fear) was short lived as the topic died from discussion about as quickly as it had risen.

However, a new phenomenon started in our user communities that, in many ways, has moved IT service delivery into the utility model. With the arrival of a plethora of new user-centric smart devices and systems, the edge of the IT world started to rapidly commoditize. Bring Your Own Computer (BYOC) models arose in enterprises everywhere resulting in the edge device now being owned, provisioned, managed and configured by the end-user. At the same time, the wave of virtualization at the core of the Data Center truly commoditized the server and compute infrastructure as virtualization provided an abstraction between the hardware that was the heart of the buying decision 5 years ago, and the application where the true business value resides. So, as quickly as the devices on the enterprise edge became a commodity, so did the compute hardware in the Data Center. 

And what became clear from these changes was that the value delivered by IT to the business was not the device provisioning, management or support, but in the information that those devices required. Information that is delivered from applications across the globe to handheld devices used by the corporate employee in the airport lounge, the corporate headquarters or at home.

This information creates the true IT value; the information is the value. 

I would like to suggest that we saw this wave of change within enterprise and service provide IT infrastructure when we started Gigamon back on a white board in 2004, but we didn't. However, what we did see was a future in which it is critical to establish and maintain visibility to information, to traffic and to data everywhere. Although the consumerization and, to some degree, commoditization of IT has changed the infrastructure landscape in a way that few predicted 8-10 years ago, the significance and value of the information and traffic that flows across global networks has proven our vision to be true.  The visibility to the traffic – to information in flight – is one of the highest priorities for the IT professional in organizations of any size.

So, as 2011 comes to a close and 2012 awaits, at Gigamon we are looking forward to the exciting wave of changes that are ahead as the Enterprise IT service delivery models and the associated solutions provided by Service Providers continue to evolve and develop, and through innovative new Visibility Fabric solutions, we create exciting and compelling services and solutions for our user communities.  

-- Ted Ho --

By: John Mattes

One of the top value propositions that GigaVUE customers experience is a reduction of traffic to manageable levels so that they can monitor 10G network links with 1G tools or if they want to reduce the amount of data any tool is seeing to improve performance as the network monitoring tool does not have to process data irrelevant to that tool.  This is all accomplished using Gigamon's patented Flow Mapping technology. Flow Mapping technology is a filtering technology that creates very detailed traffic distribution policy on multiple aggregated network ports.  These policies, called Map Rules, can send specific data to specific tools all at full line rate. Once a user creates a Flow Mapping policy the map is distributed and bound to the ingress network ports.  The main advantage of the map is that you can easily modify the rules across multiple ports with little effort.  Even when the map is bound users can use pass-alls to send unfiltered data to tools without disturbing the filtering that is in place. 

To simulate Flow  Mapping,  I enlisted the help of one of the Monitoring Tool Providers, NetScout. The InteropNet NOC is one of the most heavily attacked networks when the network goes live.  To demonstrate Flow Mapping I created rule sets that diverted attack attempts to a separate port.  Some of the traffic I diverted were SQL attacks, SMB over IP attacks used to gain access to personal computers, and attacks over port 22.  Below is a screenshot of traffic levels before and after filtering.

In the beginning of the bar chart you can see the effect of filtering on traffic.  Just to validate, I unloaded the Flow Map and then re-enabled around 10am.  The bottom red line represents the traffic level with filtering and the top red line represents filtering without the filtering.  You can see that with filtering traffic going to the NetScout Infinistream was roughly 40 Mb/sec.  Without filtering traffic was roughly 120 Mb/sec or higher.  By enabling the filtering I was able to reduce traffic levels over 200%.  This reduction of traffic can make a huge difference for tools that inspect large amount of data.

 

This is the complete report for those that are interested in data that we are capturing here at the InteropNet NOC.

By: John Mattes

Today is Gigamon's shirt day in the NOC.  Every year at Interop during the show the InteropNet NOC team wears providers T-Shirts during the show to increase the marketing exposure.  Today is Gigamons T-Shirt slot for the show.  Gigamon provided two different shirts for the volunteers and sponsors:  The bright orange "I'm a G" polo and our "Bat Signal" shirt

Gigamon orange is taking over the NOC

In Their Darkest Hour the Interop NOC Signals Gigamon

Today in the Gigamon booth (Booth #1021) we are giving out our 2nd of three limited edition shirts. Hurry up they won't last

GigaMonsters Do It Out-of-Band

By: John Mattes

Interop is in full swing now!! The show floor has been open for almost two hours, and the customer enthusiam around our new GigaVUE-HD8 product is overwhelming.  Below is our cool new rack to showcase our exciting new product:

Look at the blue underglo...Oooohhh!

Our booth has been steadily busy since the doors swung open, below you can see our booth with staff and customers:

As I mentioned in my previous post we are giving away a limited edition shirt each day in our booth (250 shirts).  Todays shirt is our "Running With The Big Dogs" shirt representing the Terabit barrier we are smashing with our new product.

Meet DAN the Gigamonster!!

By: John Mattes

Today is the first day of the InteropNet Expo.  The InteropNet NOC is humming along with no major or critical issues.  All the sponsors and team leads for the InteropNet NOC team has been top notch throught this whole event.

Our beautiful orange boxes in the NOC

Today is going to be a full day.  There are a couple of activities today:

-NOC Tours (11am,1pm,3pm)- Guided tours for attendees to learn about NOC

-Monitoring and Metering Class (Booth 2075, 12:15pm) - InteropNet NOC sponsors will talk about monitoring the NOC.  I will speak on behalf of Gigamon at this time.

-Booth Presentations (Booth1021, Starting at 10:20 and running ever 20 minutes) - Stop by and visit our booth to come see the GigaVUE-HD8 and listen to an exciting presentation form our very own Andy Saks. If you attend you will be entered for a drawing for a Mac Book Air.  Every day we will draw for a Mac Book Air and we will be giving away limited edition T-Shirts each day.

-If you want a personal tour of NOC send me E-mail at john.mattes@gigamon.com and I can give you a bird's eye view of the NOC

By: John Mattes

Tommorow is fight night in Vegas and for those that don't know the casino's will be electrified with excitement before, during, and after the boxing match.  To mark the occasion, the Gigamon team at Vegas did a KO of our own.  James Bettencourt and myself worked together to get the booth for the most part setup minus the Rack Mounting of Gigamon's new product that was announced on Tuesday, the GigaVUE-HD8.  This product is going to be a game changer as networks migrate from 10 Gigabit and Beyond.  The buzz around the GigaVUE-HD8 is at a frenzied pace.  Network Computing wrote an article regarding this revolutionary product today.  Please see link below.

http://www.networkcomputing.com/data-networking-management/gigamon-introduces-new-data-access-switch-for-high-density-uses.php?p=2

Below are pictures of our booth:

This is going to be an exciting show for Gigamon and I encourage anyone in Las Vegas for Interop to come visit us at Both 1021 to check out the GigaVUE-HD8 and chat with the Gigamonsters.

Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4

By: John Mattes

One of the great benefits of working in the InteropNet NOC is the chance to work with other tool vendors in the marketplace.  One of the greatest values Gigamon provides is simplifying monitoring data access for tools.  One of the vendors that are an Interop sponsor is JDSU.  JDSU JDSU T-BERD 4000 ESAM (Enterprise Services Application Module) www.jdsu.com/esam connected to the GigaVUE-2404 in one of the PED's

Gigamon is feeding the JDSU T-BERD 4000 ESAM the internet feed that is feeding the InteropNet NOC and is monitoring statistics such as utilization, top protocols, and top talkers at full line rate in a hand held package. Providing data was a relatively simple process involving aggregating the bi-directional feed from the internet connection to one network cable that attaches to the analyzer.  The whole process was one line in the CLI or dragging two lines and took no more than 10 seconds of effort.  Please stay tuned as I Introduce other vendors in the coming days and how Gigamon helps empower these products.