As enterprise networks expand--particularly Gigabit Ethernet and 10 Gigabit Ethernet networks--while budgets stay tight, IT departments need to make the most of the application monitors, security devices, and protocol analyzers they already own. More organizations are turning to network monitoring switches for help with this, because they can cost-effectively monitor 10-Gb networks using 1-Gb tools. These switches direct network traffic and connect, convert, aggregate, and filter data to probes and protocol analyzers. They document the monitoring process without touching the network wiring plant. This mean existing tools can be shared, and network changes are minimized.
In short, network monitoring switches save money while promoting stability.
Gigamon Systems, the first vendor to introduce a network monitoring switch, has had the market to itself for almost four years. But now Gigamon has serious competition from established network emulation vendor Anue Systems. And there will probably be more: This doubling of options foretells an onslaught because these specialized switches are increasingly necessary pieces of networking equipment.
Both Gigamon's GigaVue and Anue's 5200 can switch and filter packets at wire speed, in Layer 2 to 4, in any-to-any port combinations. For example, a single 10-Gb port from a network tap can be filtered on source and destination network addresses and sent to one or many tools connected to output ports. The reverse is also possible: Switched Port Analyzer ports can be filtered and sent to a single port connected to a protocol analyzer.
Both vendors offer switches in roughly the same packages: 1-Gb and 10-Gb models that support a range of copper and fiber configurations, including small form-factor pluggable connectors. Both Anue's and Gigamon's switches support a mix of 1-Gb and 10-Gb ports in 24-port densities. The 1-Gb versions support as many as four 10-Gb ports with the rest being 1 Gb, and the 10-Gb versions can support 24 10-Gb ports.
But there are some key differences as well. Gigamon's offering sports a command-line interface (CLI) that allows in-depth tool configuration. Gigamon also enables multiple GigaVue switches to be linked in a master/slave configuration, creating a fabric of monitoring that can be addressed as if all were a single box. This interswitch topology can be daisy-chained or configured as a hub and spoke to reduce the number of hops traffic has to take and create a scalable system in dense deployments.
The Switch Is In
Switch architectures can engineer higher-efficiency networks, but not overnight.
Anue supports interswitch connections, so a network attached to one box can be monitored by a tool connected to another. The Anue switches don't support a single point of management. On the other hand, they have a GUI that's much easier to configure and understand than the GigaVue CLI.
The interface difference will diminish or disappear in the future: Anue says it intends to add a CLI or API for automation later this year, most likely in Tool Command Language. And Gigamon says it plans to add a GUI to its switches. For organizations that can't wait, Gigamon is probably a better fit if they have network configuration experts on site and need to automate network monitoring in complex data centers. Anue is likely the better choice for companies that don't need an entire monitoring fabric.
|Network Monitoring Tools
|Up to 24 ports per switch
|Up to 24 ports per switch
|Yes, as separate boxes
|Yes, as single box
|Input and output port maps
|5204 starts at $17,000;
5236 starts at $25,000
|GigaVue-420 starts at $14,995;
GigaVue-2404 starts at $45,000