Packet Broker's Network Visibility Solutions Feed your Security Monitoring all Relevant Data

Network Packet Broker's Network Visibility Feed your Security Monitoring all Relevant Data

What is Network Packet Broker's Network Visibility?

Network visibility is enabling network administrators to capture, replicate, aggregate, precess, forward, analysis and see network traffic and applications that are traveling across Wide Area and Local Area network links. Once captured, the network traffic can be mapped to various tools for analytics, performance enhancement and security. There are many specialized tools to perform these functions that all must be connected to network links in order to provide traffic data to tools. This connectivity is the foundation of visibility and can be managed in one of three ways. Direct connection is where the tools are connected directly to live links. This allows the tool to directly see and manipulate traffic. It becomes an integral part of the network and will be able to analyze data, block data and send packets back into the network. The primary limitation of direct in-line connection is potential network disruption, if the tool should go off line due to a power disruption, maintenance or any other reason make the network down. If the tool goes down, the link goes down. If you have multiple tools on a link, the probability for disruption increases accordingly. There are also financial considerations with this method. In target networks, it can be financially stressful to deploy multiple network tools on every link.

Background Introduction
With the acceleration of carrier broadband construction and the rapid development of 3G, 4G, and 5G networks, and with the popularity and development of big data and cloud computing technologies, data traffic is growing, and the bandwidth requirements for backbone networks and core networks are increasing. Since 2013, the major operators have begun to gradually upgrade the backbone network. The core backbone network transmission link media starts to be expanded from 10GPOS and 40GPOS links to 100G Ethernet links. It will inevitably lead to the continuous updating of big data collection and analysis technology. In the face of 100GE link environment with high bandwidth capacity, how to effectively meet the requirements of various national security, network security monitoring, operator intelligent pipeline DPI data collection and analysis will become a hot spot in the field of data acquisition and analysis.
Chengdu Shuwei Communication is following the development direction of the Internet and develop the MATRIX-TCA-CG Traffic Acquisition(Traffic Capture) Visibility System, and dedicated to the traffic collection and visual analysis application requirements on 1GE, 10GE, 10G/40G POS, 40GE and 100GE links. The MATRIX-TCA-CG integrates free-steering output functions such as network flow collection/acquisition, aggregation, filtering, forwarding/distribution, and load balancing and provides an efficient solution for the flow analysis.

Matrix-TCA-CG is a network data visualization control device for high density and large flow of 10G/40G/100G.
Matrix-TCA-CG is specially designed for the data collection of 10GE 40GE and 100GE links distributed intensively in operators mobile Internet export, IDC export, provincial network and backbone.
Based on ATCA standard architecture, MATRIX-TCA-CG has high carrier-level reliability and strong expansibility which can smoothly configure the functional board CARDS to cope with port demand scenarios of various specifications and sizes.


The NTCA-CHS-7U7S is a 7U standard rack height. The chassis adopts the horizontal slot service slot mode. The device supports a total of seven slots, including two switching slots and five service slots. Each slot provides 300W cooling capacity, the chassis uses a pull-type cooling air duct to provide good heat dissipation performance for the whole machine. The backplane adopts a dual-star architecture, providing 200Gbps full-duplex interconnected channels in each switch slot to the service slot. Fully equipped with two switch cards can achieve 400G backplane bandwidth per service slot.

Carrier–class System Architecture
Advanced specification PICMG 3.0 R2.0
RoHs,Designed for CE,FCC,NEBS Level 3
Standard Dual Dual Star 100G speed backplane

Rich Interface Types
Supported high density 10G, 40G, 100G link interface
Supported all port line speed work without packet loss

Rich Network Traffic Processing Mechanism
Supported 1->N, M-> N, M-> N channels traffic replication & aggregation
Supported packet filtering matching, including SIP, DIP, SP, DP, protocol number, arbitrary position feature code identification, input interface and other elements of flexible combination filtering conditions
Supported DPI deep message analysis and processing
Supported GTP, GRE and other tunnel protocol IP identification & distribution
Supported multiple rule combinations
Supported the number of rules above 100,000 level
Supported filtering rule black and white list

Load Balance
Supported dynamic load balancing or custom load balancing in/across single board
Supported the hash load balancing calculation of multiple combination conditions
Supported load balancing arbitrary binding of output port group members

Flexible Port Collocation
Supported all ports as input, output port by user-defined
Supported for members of the same port group not restricted by port types
Supported any binding of input and output port groups in single board/cross board

Large-capacity Network Visibility 10G/40G/100G Capture, Aggregation and Distribution Application

Span deployment the high-performance, high-capacity MATRIX-TCA-CG traffic acquisition visibility system to uniformly collect data traffic of any node location and any link type (10G/40G/100G) on the entire network, and then data traffic can be transmitted through the system. The size, structure, relationship, etc. are collated and analyzed. After the invisible data signal is converted into a visible entity, the user can copy, aggregate, and offload the required target data to each back-end system for depth detection and analysis according to system requirements.

In this configuration, live network traffic passes through the TAP, directly into the active tool and back into the network in real time. This allows the tool to analyze the traffic, manipulate packets, stop suspicious packets and take immediate action on the link to block malicious traffic. These tools include Active Firewall and Intrusion prevention systems (IPS/NGFW). The TAP in the active stack has unique bypass technology that sends a heartbeat to the active tool. If the tool goes off line for any reason, the TAP can bypass the tool keeping live network traffic flowing. When the heartbeat returns, traffic automatically returns to normal operation flowing through the tool. Managing and protecting network infrastructure and information requires focus. Each of these devices specializes on a very tight functional range. The example above is by no means a complete list of network monitoring, management and security tool options. There are many purpose built tools for applications such as Data Loss Protection (DLP), Customer Experience Management (CEM), and Identity Access Management (IAM). A simple web search will turn up a wide variety of devices that can be added to these links based on specific threats or required analysis. Having a multiple port TAP foundation allows tools to easily and safely be added, repurposed or changed depending on the immediate needs of the network. There is a logical step by step flow when developing a visibility strategy; access, capture, analyze, secure and remediate if necessary. Ideally, if the right strategy and tools are in place along with other organizational influences to be discussed later, the remediation step will hopefully not be required. However, as is often said, plan for the best but prepare for the worst.

Network Packet Broker Specification and Module Type

NetTAP® (Full named Chengdu Shuwei Communication Technology Co., Ltd.)was established in 2007. Focusing on the Research and Development of Network TAPs/NPBs Communication Equipment, Data Security Analysis Equipment, which provides products and solutions in Big Data Acquisition, Data Storage, Data Monitoring, Data Processing and Data Analysis for Telecom, TV Broadcasting, Government, Education, IT, Finance, Bank, Hospital, Transportation, Energy, Power, Petroleum, Enterprise and other industries.

NetTAP® has launched various types of high-density devices such as: Fast Gigabit, 10 Gigabit Ethernet Network Traffic Replication, Aggregation, Distribution Network TAPs/NPBs (Network Packet Broker), intelligent Hybrid Traffic Network TAPs, 25G, 40G, 100G, etc. high density and Performance Network TAPs/NPBs(Network Packet Broker).

NetTAP® has a hardware production plant, all the communication products have complete Software and Hardware Independent Intellectual Property Rights, with complete Copyright Registration and Product Certification.

MATRIX NetInsight™ - A Fully Function Network Visibility Control Platform

MATRIX NetInsight™ Network System Value

1- Data Acquisition with centralized planning, eliminate monitoring blind spot

2- Free distribution of data, saving analysis of the overall investment

3- Data Security Control, Reduce the risk of disclosure

4- Overall Traffic visible, Abnormal Located more accurate, Fault analysis more useful

MATRIX NetInsight™ Function Architecture

1- User Interaction Layer

2- Big Data Analysis Layer

3- Data Storage Layer

4- Analysis Visibility Layer

5- Data Acquisition Layer

Zain Cloud Project of Saudi Arabia Telecom