![Page 1: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/1.jpg)
LAN, WAN, SAN,and now
DANData Access Network
![Page 2: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/2.jpg)
What’s a DAN?out-of-band passive monitoring network
Includes passive tools like: Security IDS Sensors,
Application Performance Monitors,
Troubleshooting Protocol Analyzers,
VoIP QoS Probes,
Forensic Recorders,
and Data Access Switching
Prop
rieta
ry &
Con
fiden
tial
![Page 3: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/3.jpg)
Prop
rieta
ry &
Con
fiden
tial
3
DAN provides “Data Sockets”Part of a Flexible Network Infrastructure
• Plug-in multiple out-of-band tools – ANY data to ANY tool• Unobtrusive 24x7 tool connections – never touch the network• Aggregate, Replicate, Filter and load balance data streams• Use legacy 1Gig tools to monitor new 10Gig networks
![Page 4: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/4.jpg)
Why are DANs Needed Now?Things Have Changed
Enron and 9/11 spawned SOX auditing, increased security
and lawful intercept requirement
PLUS technology and business developments:Web site e-commerce and internet applications demand support
VoIP and media convergence make the network more strategic
Green networking demands smaller Data Center footprint
Network is how business gets done. Downtime is unacceptable
Prop
rieta
ry &
Con
fiden
tial
![Page 5: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/5.jpg)
New SOX compliance transaction monitors Keep your boss out of jail!
IDS Sensors detect external attacksFrom hackers
NAC appliance protects networks from insideFrom your own people!
CALEA lawful intercept and Forensic Recorders
Configuration monitoring tools watch over network resources
Application and Network troubleshooting
Prop
rieta
ry &
Con
fiden
tial
Proliferation of Tools
![Page 6: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/6.jpg)
Prop
rieta
ry &
Con
fiden
tial
Proliferation Causes Contention for Span Ports
Security and IT Engineers seen
here “Negotiating” Over
a SPAN Port
![Page 7: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/7.jpg)
Prop
rieta
ry &
Con
fiden
tial
An Analogy:
Using a DAN is like using a power strip.
![Page 8: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/8.jpg)
Prop
rieta
ry &
Con
fiden
tial
Too Many Power Tools? Not Enough Sockets?
?
??
?
![Page 9: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/9.jpg)
Prop
rieta
ry &
Con
fiden
tial
For Power Tools, use a Power Strip
![Page 10: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/10.jpg)
Prop
rieta
ry &
Con
fiden
tial
Too Many Monitoring Tools? Not Enough Span Ports?
?
?
?
?
![Page 11: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/11.jpg)
Prop
rieta
ry &
Con
fiden
tial
For Sensors/Monitors/Analyzers,Use a DAN Switch
One Span port serves Many tools
![Page 12: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/12.jpg)
What Other Problems do DANssolve?
Distributed Monitoring burning the budget?Consolidate tools; $ave money on capital and operational budgets
Unsecure monitor or tap ports risk data leakage?DAN can secure all access point to prevent snooping
Too much traffic for one tool? Reduce and balance load over multiple units to match tool capacity
Restrictive Configuration Management Policies?Deploy tools and make changes on your own schedule
Prop
rieta
ry &
Con
fiden
tial
![Page 13: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/13.jpg)
Prop
rieta
ry &
Con
fiden
tial
Monitoring a Mesh Network?
![Page 14: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/14.jpg)
Prop
rieta
ry &
Con
fiden
tial
Old Solution: Lots of Distributed Tools,Deploy one tool per span port/switch
Lots of hardware…very expensive!
![Page 15: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/15.jpg)
Prop
rieta
ry &
Con
fiden
tial
Better: Distribute Connections with a DANConsolidate Tools; Save CapEx $$$
Aggregate and balance flows to Consolidated Tools
![Page 16: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/16.jpg)
DAN is “Best Practice” for Network Infrastructure Design
Totally flexible solution to many problems
Facilitates unobtrusive instrumentation of a network
Solves requirement for multiple tool access
Gives tools the view of the total network
Secures monitor and tap ports
Improves monitor coverage, saves time and money.
Prop
rieta
ry &
Con
fiden
tial
![Page 17: Data Access Network for Monitoring and Troubleshooting](https://reader033.vdocuments.us/reader033/viewer/2022051514/54c1f4334a7959e3098b456e/html5/thumbnails/17.jpg)
DAN Solves Access Problems By
• Aggregating many links to any tool
• Multicasting any link to many tools
• Filtering data to map packets to tools
• Saving $$ Cap Ex and Op Ex budget$
Any to Any Any to ManyMany to Any Bit-Mask Filtering
Prop
rieta
ry &
Con
fiden
tial