Big Monitoring Fabric
Last Updated: June 02, 2020
Big Monitoring Fabric is a modern 1G/10G/40G network visibility fabric that leverages highperformance, open Ethernet switches to provide pervasive security monitoring and visibility of an organization’s network traffic at ultra-low CapEx/OpEx costs. Using an SDN-centric architecture, Big Monitoring Fabric enables scale-out fabric for enterprise-wide monitoring, single pane of glass for operational simplicity, and multi-tenancy for multiple IT teams (NetOps, DevOps, SecOps) to simultaneously perform network monitoring using tenantspecific inline or out-of-band tools and policies. The Big Monitoring Fabric (BMF) is a next-generation Network Packet Broker (NPB) that has been designed from the ground-up to build a pervasive visibility fabric that addresses the challenges of current NPB-based monitoring solutions. BMF’s architecture is inspired by Hyperscale Networking designs, which consist of Open Ethernet switch hardware, SDN controller software and centralized tool deployment.
- High Availability Architecture
- • Highly resilient against network, tool or controller failures.
- • Supports customizable inline health check with aggressive
- Tool Chaining
- • Support chaining of up to 4 tools in a single chain. Supports
different tool chains for traffic coming into / leaving the DMZ
Support sharing of the same tool interfaces across multiple
chains on the switch.
- Tool Oversubscription/Load Balancing
- • Load balance higher data bandwidth (10G/40G) across multiple
instances of lower bandwidth tools (1G/10G).
- Enhance Tool Efficiency
- • Send only relevant traffic (as opposed to all traffic).
- • Supports dynamic, programmatic (REST API based)
configuration to drop certain marked flows (e.g. DDoS) at the
switch. In such scenarios, the fabric switch drops the marked
flows, rather than sending the flows to the tool to drop them.
- • Support sharing of the same tool interfaces across
- Simplify Multi-team operational workflows
- • Single Pane of Glass management/configuration; No complex,
error-prone PBRs needed; Easily load-balance or chain tools.
- • Replicate certain traffic (at line-rate) via a rule-based SPAN to
send to offline tools for further processing.
- • The BMF Controller is the unified, single point of
management for inline / offline monitoring.