SECURITY VISIBILITY

NETSCOUT nGenius packet flow switches optimize the flow of traffic from the network to the security systems and monitoring tools. These appliances collect and organize packet flows—creating a unified packet plane that logically separates the network layer from the tool layer. Our customers use packet flow switches to optimize and scale out both their service assurance platform and cyber security deployments, so that they can spend less time in adding, testing and managing their tools.

Learn more about key needs and criteria to progress your security posture. Download the 10 Questions to Ask Your Security Visibility Vendor solution brief and find out how you can accelerate your security infrastructure.

Passive and Active Security

The NETSCOUT packet flow switch technology helps you create a pervasive defense architecture against a broad range of attacks. The nGenius packet flow switches provide critical visibility to combinations of security solutions like active inline network analysis and passive, out-of-band network forensics appliances as well as active payload analysis offerings.

Active Inline Aggregation

The NETSCOUT nGenius packet flow switches support active inline monitoring by both dual-port and single-port tools with either copper or fiber media type. Traditional active inline solutions typically only provide one-to-one network-to-tool mapping. With nGenius, inline network segment to inline tool relationship may be one-to-one, one-to-many, many-to-one, or many-to-many. Multiple network segments can be aggregated to one or more inline tools. Flow-aware load balancing and speed conversion ensures smooth and clean traffic distribution.

Packet flow switches from NETSCOUT enable deployment of an inline security infrastructure in a virtual chain, rather than cabling each system into a physical configuration. The key advantage of this approach is the 50% reduction of ports needed and the elimination of complex physical cabling configurations. At the same time, each device gets exactly the traffic it requires, at the speed and in the form that it is designed to accommodate, improving monitoring efficiency.

PowerSafe

PowerSafe enables you to enforce your organization's specific security policies in the event of power loss. Behavior can be either Fail-Open, which allows the network traffic to flow back to the network unmonitored, or Fail-Closed, which blocks the network traffic from continuing to flow unmonitored. Additionally, PowerSafe can be controlled on demand through manual configuration during operation of the system, such as when investigating active inline tool issues that might be affecting network traffic availability or performing tool maintenance updates.

Custom Tool Health Checks

The nGenius packet flow switches perform an application health check, a full diagnostic with both "negative" and "positive" health checks. Positive health check packets test out the hardware state of the active monitoring tool, ensuring that it is powered and linked. Negative health check packets verify the software state of the active tool, ensuring that it is processing the live traffic, blocking applicable packets, and protecting the network. The nGenius product family extends health check capabilities even further by allowing users to customize health checks for their active tools.

Self-organizing Architecture

In contrast with other approaches that are either unreliable, too expensive or difficult to maintain, the nGenius packet flow switches provide self-organizing architecture, with a redundant, self-healing mesh topology over LAN enabled by its vMesh technology. No user intervention is required once the connections are set up in the software.

Hybrid Port Mapping

As security systems evolve and begin to perform more functions, such as combining firewall and IPS functionality in one system, providing the right traffic to these devices can be a challenge. Whereas before a security system was dedicated to either active and passive inspection, some of today’s security systems fuse these functions in one single device which needs to receive both active and passive traffic. The nGenius packet flow switches do exactly that: they deliver both types of traffic on the same port to the security system that needs it. This functionality eases the migration from passive to active security, enabling a single security system to be used for both deployment scenarios.

Products

The packet flow switch architecture enables a unified packet plane that scales and operates dynamically, regardless of infrastructure modifications or changes in the source of network traffic. With the nGenius packet flow switches from NETSCOUT, enterprise security systems can be physically anywhere and logically everywhere.

nGenius provides critical visibility to combinations of security solutions, such as inline network protection and passive out-of-band intrusion detection appliances, as well as active payload analysis offerings. Visibility architecture, based on packet flow switches from NETSCOUT, increase reliability and simplify scaling of active security infrastructure. If any active inline security applications fail, they may be bypassed or traffic can be sent to another system.

nGenius 2200 series

Hardware-accelerated packet optimization and active tool chaining deliver advanced packet flow switching for 10G networks. Modular chassis provides up to 24 10GigE/1GigE ports.

Learn More

nGenius 4200 series

Hardware-accelerated packet optimization for service assurance and security systems on 40G networks. Modular chassis provides up to 64 10GigE/1GigE ports or 16 40GigE ports.

Learn More

Features by Model

nGenius 2200 Series

nGenius 4200 Series

Per Chassis
Chassis/Blades 4 4
Ports 24 64
Network Bypass
(PowerSafe™) Pairs
8 32
Maximum Throughput 240 Gbps 640 Gbps
Speeds 1-10 Gbps 1-40 Gbps
Media SFP+, LC SFP+, QSFP+, MPO/LC
Ports Per
Chassis Module/Blade
Custom Tool Health Checks Yes Yes
1G 4 16
10G 4 16
40G N/A 4
HW Optimized Features Yes Yes
WEBINARS

On Demand

Sept 21, 2016
Advance Security Maturity with Unified Packet Visibility

Learn how to advance your security maturity with packet visibility using the the Cyber security Capability Maturity Model (C2M2). We’ll cover deployment case studies that explain how packet flow switches enable you to accelerate your security posture:

  • How to formulate your requirements when designing a packet flow architecture for security
  • What are the key criteria that a security visibility solution must meet
  • What are the differences between designing for active vs passive security
June 28, 2016
How to Select a Security Visibility Solution

In this webinar, we will discuss the key questions to ask potential vendors when evaluating a security visibility solution. During the webinar, we will cover:

  • How to formulate your requirements when designing a packet flow architecture for security
  • What are the key criteria that a security visibility solution must meet
  • What are the differences between designing for active vs passive security
 
Jun 22, 2016
Enterprise Networks: No Tool Left Behind

Want to transition to 10G and 40G networks, but the existing investment in 1G tools is giving you pause? Learn how you can extend the life of your tools, while gaining unified packet visibility across your entire network.

We'll also discuss how to combine real-time, actionable traffic-based intelligence with high-density monitoring at line rate—for a holistic view of the network. Spend less time in administering your infrastructure, and more time in research and resolution.

June 8, 2016
Emerging Trends in Incident Response and Survey Results

Join us for the "Incident Response Capabilities in 2016 - Part 1: The Current Threat Landscape and Survey Results" webinar on-demand.

The third annual SANS survey on incident response will look at the continuing evolution of incident response, how tactics and tools have changed in the last three years and how security professionals are dealing with increasing numbers and kinds of attacks.

 
April 28, 2016
Case Studies in Advanced Threat Network Protection

Learn how our customers are using threat intelligence combined with Arbor Spectrum and packet flow switches from NETSCOUT to see everything and protect against advanced threats. We will dive into:

  • Insights and trends from the findings of Arbor's ATLAS security research
  • Real uses cases on how customers are defending their networks
  • Role of unified packet visibility in accelerating your security infrastructure
March 31, 2016
Datacenter Evolved

The 40G and 100G evolution. Worried? Get answers Join our 45-minute webinar Datacenter Evolved that will present the recent datacenter trends, driven by this transition. Learn how to combine real-time, actionable traffic-based intelligence with high-density monitoring at line rate – for a holistic view of the network.

 
SOLUTION PARTNERS
Arbor Network

Arbor: advanced threat
detection and protection

Blue Coat

Blue Coat: SSL decryption

Cisco: next generation
Intrusion Prevention System

FireEye: malware analysis

McAfee: network security platform

Resources
Arbor Network