Solera Networks delivers full network packet record and stream-to-disk technology to enhance security, improve network forensics, enforce compliance, and insure overall network availability. Think of it as TiVo for your network. In today's 10Gb environment, polling or sampling strategies are simply too incomplete for network management. Solera Networks' patented technology captures 100% of your network packet traffic. Unlike other solutions, our solutions can continuously stream-to-disk at unprecedented speeds (up to 6.4 Gbps), making comprehensive network recording and playback a reality. With Solera Networks' open platform you can choose which network tool to use. The Solera Networks appliance supports literally 100's of commercial, custom, and open-source applications via our virtual interface technology and live regeneration capabilities.
How to Troubleshoot Apps for the Modern Connected Worker
GigamonU - Solera Blend Riches, Packet Record and Playback Appliances
1. Packet Record and Playback
Appliances
“TiVo for your Network”
®
TiVo and the TiVo logo are registered trademarks of TiVo Inc. or its subsidiaries.
2. Our Technology
Network Packet Capture:
• Stream-to-disk technology enables capture at an
unprecedented 5.0 Gbps (bursts up to 6.4 Gbps)
Packet Storage:
• On-disk file system captures 100% of network packet traffic
(including payload) for archiving/audit/analysis (up to 240 TBs)
Access:
• Captured data is available via industry standard formats
• TimeShift™ technology enables data playback in multiple
formats for analysis and review
®
Solera Networks 2007
3. Capture
• Infinite Network Packet Capture System (INPCS) built on top of
Security-Enhanced Linux (SELinux) OS
• Proprietary file system optimized for high-speed disk writes
• Full packet capture, including payload
• 2 proprietary partition types:
• ActiveCapture™ (Insures “Legal Chain of Custody”)
• ActiveArchive™ (Used for compliance with Sarbox, HIPPA, etc.)
• Lossless capture speeds of 5.0 Gbps (bursts to 6.4Gbps)
• Packet time-stamping at nanosecond level
• Layer 2 - Layer 7 traffic
®
Solera Networks 2007
4. Storage
• The Solera Networks File System utilizes several key
technologies with commodity hardware:
• Ring Buffer and Direct Memory Access (DMA) usage are optimized for high-speed read and
write-to-disk
• Traditional bottlenecks (CPU, Memory, etc.) are eliminated
• First in/First Out (FIFO) caching algorithm insures continuous
window of data
• Unique file system enables very large partition types
• Onboard storage options up to 800 GB to 12 TB
• External storage via NAS/SAN unlimited up to 240 TB*
• RAID 1, 0, and 5 configurations
*Certified by Solera Networks
®
Solera Networks 2007
5. Access
• Virtual file system (VFS) allows access to single or multiple sets
of time-series instances
• Analyze segments simultaneously with multiple toolsets
• Allows for overlapping segments to be analyzed concurrently
• VFS insures that data is NEVER altered on disk
• Legal Chain of Custody
• Support industry standard PCAP formats for instant access to
hundreds of commercial, custom, and open-source applications
• Virtual Network Interface option
• Regenerate live traffic, at full-line rate
• Ingress and Egress filtering capabilities, at line rates
®
Solera Networks 2007
6. TimeShift™ Network Analytics
Immediate replay – Playback
recorded events in near realtime
(1 msec latency).
Complete view – Get the entire
picture, not just a sampling.
Your schedule – Unabridged
history means EVERYTHING is
accessible, reproducible, and
capable of in-depth analysis,
when you need it.
®
Solera Networks 2007
7. Playback
Several options for playback
• Inbound and Outbound filtering
• Expose packets in PCAP format through Solera Virtual File
System
• Regenerate network traffic:
• To a different network segment
• To a virtual Ethernet adapter on a PC
• Web Services API
®
Solera Networks 2007
8. Management
• Web-based GUI and Command-Line-Interface (CLI) interfaces
• System monitoring, reporting, and logging
• Statistics and trend analysis
• Role-based security
• SOAP & REST APIs to facilitate 3rd party console integration
®
Solera Networks 2007
9. Why you need a Solera Solution?
Network management
•Policy
enforcement
•Compliance - SARBOX, HIPPA, JSOX
Network Analysis
•ISVapplications
•Session reconstruction
•10Gb networks
Intrusion detection
•Network Buffer
•Forensics
Data leakage
•Monitor & record suspicious traffic
•Highlight and record data loss
Lawful Intercept
•CALEA
®
Solera Networks 2007
11. CALEA Requirements
(Communications Assistance for Law Enforcement Act)
Section 103 – ”Assistance Capability Requirements”
All telecommunications carriers must ensure that they are
capable of enabling the government to:
• intercept all wire or electronic communications to or from a subscriber
• access identifying information reasonably available to the carrier
• receive intercepted communications and identifying information in a format that
may be transmitted to a location other than the premises of the carrier
• receive information in a manner that protects the privacy and security of
communications not authorized to be intercepted
Solera Network’s CALEA Appliance conforms to CALEA
standards T1.IAS for data carriers:
• Packet data capture
• Data capture logs
• Real-time delivery to law enforcement agencies
®
Solera Networks 2007
12. Web-based Management
View key stats
• Storage on disk
• Bytes captured
• Bytes filtered
• Storage system report
• Network system report
• Regeneration report
®
Solera Networks 2007
13. Record
• Start and Stop multiple captures
®
Solera Networks 2007
14. Playback
• Playback any
period of captured
traffic
• Specify maximum
bytes per file
®
Solera Networks 2007
15. Virtual Interfaces
• Create virtual
interface to
physical interface
mappings for
traffic capture and
regeneration
®
Solera Networks 2007
17. Filters
• Filter Inbound/
Outbound Traffic
• Filter for any bit of
information
• Filter at the header
or payload level
• Multiple filters –
start and stop at
any time, continue
to capture
®
Solera Networks 2007
18. Filter Editor
• Create complex
filters on protocol,
IP, MAC address,
payload type, or
unique bit pattern
®
Solera Networks 2007
19. CALEA
• Available CALEA
interface
• Set multiple taps
as needed
®
Solera Networks 2007
24. Open Platform Support
• Run commercial or open
source software
• Instant Messaging (IM) Analysis
Tools
• HTTP Analysis Tools
• Web Reporting Tools
• Packet Analysis Tools
• Intrusion Detection System (IDS)
Tools
• Network Security Tools
• OS Detection Tools
• Network/Application QOS Tools
• API – approximately 40
system calls exposed
through REST & SOAP
interfaces
®
Solera Networks 2007
25. About Solera Networks
Who we are?
®
We are the TiVo for your Network
What we do?
We are the foundation for a comprehensive network
management and security architecture. We answer: “What
happened on my network?”
How we do it?
Full network packet capture and playback technology
®
Solera Networks 2007
26. For more information and to
request a demo visit:
www.soleranetworks.com
®
Solera Networks 2007