PacketTiger - Next Generation Network Packet Broker with Advanced Features

NEOXPacketTiger
NEOXPacketTiger NX-PBPT-1L - Network Packet Broker
PacketTiger NX-PBPT-1L-*
16x Ethernet SFP+ Ports
and 4 NMC Slots
PacketTiger - NX-PBPT-1SCR - Network Packet Broker
PacketTiger NX-PBPT-1SCR
5x 10M/100M/1000M Ethernet RJ45 Ports
and 4x 1G/10G SFP+
and 2x 1G SFP or RJ45 Ports
NEOX PacketTiger - NX-PBPT-1M - Network Packet Broker

PacketTiger NX-PBPT-1M
6x 10M/100M/1000M Ethernet RJ45 Ports
and 2x 1G/10G SFP+ Ports
PacketTiger - NX-PBPT-1SC - Network Packet Broker
PacketTiger NX-PBPT-1SC
6x 10M/100M/1000M Ethernet RJ45 Ports
and 2x 1G SFP or 2x 1G RJ45 Ports

For companies with the need for higher port density e.g. 32x 400G
we also offer Network Packet Brokers from our PacketLion Product Family

What do I need an Advanced NPB for?

With a Network Packet Broker, also known as a Data/Network Monitoring Switch or Matrix Switch, you are able to provide your analysis and monitoring systems with all data streams of the Network TAPs or other data sources distributed in the network, reliably and aggregated.

The Network Packet Broker acts as a link between the access point in your network and, for example, your security tool and, depending on the version, supports all common transceiver standards, from 1 Gigabit SFP slots to the widespread 10 Gigabit SFP+ interfaces to the high-performance QSFP-DD connectors, which allow bandwidths of up to 400 Gigabit per interface.

Using dedicated ASIC hardware, which is used in every Network Packet Broker, both simple and complicated filter rules can be created to ensure an optimized data flow towards the analysis systems.

Network Packet Broker Functionalities - with NEOXPacketTiger
Possible deployment scenarios for NextGen Network Packet Broker

Here you can filter out unwanted data packets or even entire data streams that are not required for the evaluation and thus reduce the overall load. This enables you to filter incoming data volumes from measuring points, which may be distributed over several 10G or 40G lines, almost latency-free in real time.

This allows you to continue to make optimal use of your existing 1G or 10G monitoring infrastructure and directly discard data that is not of interest without creating additional load on your monitoring systems.

NEOXPacketTiger Network Packet Broker Features
NEOXPacketTiger Network Packet Broker with Advanced Features

Getting the Most out of Dynamic Load Balancing

Dynamic Load Balancing

Of course, a NextGen Packet Broker also offers you the option of distributing the incoming data load via an automated, load-based mechanism. Here, several analysis and monitoring systems are combined in a virtual port group and defined as a logical target.

Due to its x86-based architecture, a PacketTiger in its NextGen Packet Broker form is also able to provide intelligence-based detection of flows and allow both asymmetric and redundant connections to be monitored much more easily and holistically by the connected systems, as the PacketTiger’s flow detection allows packets to be reassembled at any time and always output to the correct analysis tool.

If a member of this “load balancing” group fails for any reason, the NextGen Packet Broker detects this and automatically distributes the data to the remaining members of that group.

A combination of a heartbeat packet and percentage load detection, combined with intelligent flow and data volume detection, helps NextGen Packet Broker to detect and exclude failed systems from the distribution, as well as load-based distribution in addition to flow-based distribution.

All these features and mechanisms can be combined to get the most out of your analysis and monitoring infrastructure. (see Use monitoring resources more effectively thanks to intelligent Load Balancing)

Dynamic Load Balancing on 4 Network Forensics Appliances
Use Case 1:
Dynamic Load Balancing to 4 Network Forensics Appliances

Dynamic load balancing on 3 network forensics appliances - after failure of the 4th network forensics appliance
Use Case 2:
Dynamic Load Balancing to 3 Network Forensics Appliances
after failure of the 4th Network Forensics Appliance

FILTER CHANGE MADE EASY

Filtering & Tagging

Of course, when using a NextGen Packet Broker, you do not have to do without any of the features and conveniences that you already have with a regular Network Packet Broker, or also called a Legacy Packet Broker. This of course includes the filtering options mentioned above.

But what does that mean in detail?

The filters of the NextGen Packet Broker control the traffic flow and can: Deny traffic, pass all traffic, pass traffic according to certain criteria and mark packets.

Using a NextGen Packet Broker you are able to filter the data on OSI level 2 to 4 before passing it to the analysis tool to reduce the load on that very analysis tool. The setting options are manifold, e.g.:

  • Layer 2: Source MAC address, Destination MAC address, Ethernet Type, VLAN, MPLS, VXLAN etc.
  • Layer 3: Source IP address, Destination IP address, IP address ranges and subnets, IPv4 and IPv6, fragments etc.
  • Layer 4: TCP or UDP source and destination ports etc.
  • Layer 2-7: UDF (User Defined Filter) – Offset Filtering (Up to 6 Offset’s can be defined, 128Byte to Layer 2-4)

The above list is congruent with the filtering options of our PacketLion series, but in addition a NextGen Packet Broker offers many more options to capture the individual layers of a packet and use them as filter criteria, among others:

  • Layer 2: Source MAC Address, Destination MAC Address, Ethernet Type, VLAN, MPLS, VXLAN etc.
  • Layer 2: PPPoE Protocol Number, Provider Backbone Bridge SID, Full VXLAN Tunnel Support etc.
  • Layer 3: L3-TTL, Encapsulated IPv6 in L3-MPLS
  • Layer 4: TCP Window Size, TCP Flags etc

Of course, a NextGen Packet Broker also offers the possibility to create extended filter rules using UDF and thus to filter for content even above Layer 4. UDF stands for “User Defined Filtering” and allows the user to search for specific values or Ethernet fields in each packet by pattern matching.

And if even the UDF is not enough, you can always fall back on the DPI engine, which is also available, and thus penetrate into the last corners of the OSI layer model.

In addition, you also have the option of marking incoming data traffic with corresponding VLAN tags, filtering it according to these tags and finally removing them again.

An example of this is, for example, the tapping of data by means of several Network TAPs on the same connection.
VLAN tagging is often used here in order to be able to separate data coming from the Network TAPs or other measuring points more easily from one another again by means of the VLAN tag on the analysis system.

Packet-Filtering with a Network Packet Broker
Packet Filtering with a Network Packet Broker

DATA PROTECTION AND NETWORK PROTECTION GO HAND IN HAND
THANKS TO PACKET SLICING

Packet Slicing

As with a Network Packet Broker, it is also possible with a NextGen Packet Broker to shorten or slice the individual packets. Often, the gap between the capacity of the recording analysis system on the one hand and the amount of incoming data on the other is so large that, without appropriate additional mechanisms, the analysis system is most likely not able to record all individual packets without loss.

And this is exactly where the Packet Slicing feature comes into play: with this method it is possible to reduce the incoming data load on your analysis system by up to 87% (at 1518 bytes packet size and Packet Slicing at 192 bytes) by simply removing the payload data from each packet.

However, while regular PacketLion Packet Brokers perfectly handle above mentioned slicing technique, NextGen Packet Brokers of PacketTiger series deliver even deeper result.

In addition to the basic approach, a PacketTiger additionally allows you to “attach” the slicing window to an OSI layer or directly to the payload. This allows you to always apply the slicing at the same position, regardless of the structure of the packets, and thus not lose any important information.

And it can also be beneficial for GDPR compliance to remove user-related data from Ethernet packets. By means of Packet Slicing, this is also possible without any problems.

You can also find more information about this in our blog article “Stay at the cutting edge thanks to Packet Slicing“.

Packet Slicing mit PacketTiger Network Packet Broker
Packet Slicing with a Network Packet Broker

HIGH FLEXIBILITY THROUGH NMC/SFP CONNECTIVITY

Multimode SFP+ Transceiver

Our NextGen Packet Brokers from the PacketTiger product range also offer maximum flexibility and scalability when it comes to connectivity.

Not only that our NextGen Packet Brokers, depending on the model, can be equipped with different NMC modules, each of which can cover the most diverse topologies by means of SFP or SFP+ transceivers.

Pure RJ45-based NMC modules are also available and allow you to connect regular copper-based signals to the PacketTiger.

Of course, as a NextGen platform, the PacketTiger also offers the possibility to control and process corresponding 40G signals via QSFP+.

Furthermore, the port splitting function helps you to use one interface multiple times, which allows you to significantly increase the number of usable ports without additional costs.

EASY TO USE AND SIMPLE TO CONFIGURE

NEOXPacketLion GUI Screenshot - Port Configuration

The complete setup and configuration of the devices is done either via an intuitive (drag’n drop) and easy to use graphical interface (GUI via HTTPS) or a command line based interface (Serial or SSH).

Both management options put user-friendliness and ease of use at the top of the list and allow you to set up NextGen Packet Broker within a very short time.

Both the drag’n’drop feature of the GUI and the automatic character completion on the CLI allow the user to create complicated and interlocking rule sets, even as a novice.

In addition, both Network Packet Broker and NextGen Packet Broker from NEOX NETWORKS offer an API interface called NETCONF, which allows you to manage multiple systems at the same time and automate filtering rules and other tasks.

For management and monitoring purposes, common network tools such as Syslog and SNMPv2/3 are also available, allowing you to easily administer NextGen Packet Brokers.

RADIUS and TACACS for central user management are also supported.

TIMESTAMPING LIKE THE PROS

Timestamping Function available

Some of our Network Packet Broker models also support nanosecond hardware timestamping.

This function can not only be very helpful to measure latencies in the network but is also used in critical scenarios such as the so-called high-frequency trading on the stock exchanges.

Here, once again, not only the latency plays an important role but also the usability of a record of a trade, since by means of nanosecond-accurate timestamp it can of course also be determined who initiated which trade at what time.

Advanced NPB Functionalities of our PacketTiger Models

Advanced Features of NEOXPacketTiger Network Packet Brokers

Advanced Packet Processing allows you to work even more granular and look deeper into the individual packets of the data load than you are used to with regular Network Packet Brokers.

Even resource intensive scenarios like removing duplicates in the network or masking or blackening content in the individual packets are no problem for PacketTiger!

  • Deep Packet Inspection – Open your network’s envelope and examine the content of your applications
  • Netflow Support – Gain insight of your network with IPFIX’s high granularity and expand your monitoring
  • Packet Capturing – Capture a PCAP directly on the PacketTiger
  • Packet Replay – Replay any PCAP and verify your setup instantly
  • Advanced Filtering – Reach ANY data and filter ANY qualifier in your packet headers
  • GTP Tunnel Handling – Correlate GTP traffic with IMSI filtering and benefit from inner-IP based dynamic load balancing inside a GTP tunnel
  • De-Duplication – Identify and drop duplicate packets, while unique packets are left untouched
  • Data Masking – Hide sensitive data by overwriting specific areas of a packet and provide customizable data protection
  • Tunnel Support – No tunnel is to deep! PacketTiger supports all available tunnel protocols

Our PacketTiger Models


Network Packet Broker with
4x 10M/100M/1000M Ethernet RJ45 Ports
+ 4x NMC Slots with up to 32 Additional Ports

NEOXPacketTiger NX-PBPT-1L - Network Packet Broker with 4 NMC-Slots and up to 32 additional Ports

The PacketTiger NX-PBPT-1L is a purpose-built Network Packet Broker designed for data center and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a standalone device in L2-L4 filtering applications. To ensure seamless integration into your monitoring infrastructure, all PacketTigers offer a full API interface using Netconf.

There are no additional per-port license fees, and the device is compatible with commercially available pluggables/transceivers. Flexible port speeds (port splitting) can be scaled to meet network requirements (10G / 40G / and soon 100G) and changed within the interface.

TECHNICAL SPECIFICATIONS
  • Basic version with 4x 10M/100M/1000M RJ45 ports – and 4 NMC module slots
  • NMC modules available for up to 100G (see table below)
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 10M/100M/1000M, 1G, 10G, 40G and shortly 100G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP Flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Support for up to 1,000,000 filter rules
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunnelling protocol
  • Load balancing based on 5-tuple criteria
  • Port Labeling
  • MPLS Stripping
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through Syslog und SNMP Traps
  • Digital Diagnostics Monitoring (DDM)
  • GTP Correlation + GTP inner IP Load-balancing + IMSI Filtering
  • Stripping of MPLS, PPPoE, VN-Tag, VX-LAN, GTP-U, GRE, L2TP
  • Deep Packet Inspection (DPI, license required)
  • Data Masking + Data Slicing (packet slicing)
  • IPFIX – Netflow Export (license required)
  • Deduplication
  • Packet Capture
  • Packet Replay
  • Timestamping
  • VLAN Editing
  • MAC Replace

ARTICLE NUMBERS & ACCESSORIES

Article No.SFP+ PortsNMC SlotsMax. Thr.put
NX-PBPT-1L-2016x 1G/10G*420 Gb/s
NX-PBPT-1L-4016x 1G/10G*440 Gb/s
NX-PBPT-1L-1004100 Gb/s

* Included, occupy 2 of the 4 NMC slots – but can be exchanged

Optionally available
NMC Modules
Article No.Ports
NX-PBPT-1L-8PC8x 1G RJ45
NX-PBPT-1L-8PS+8x 10G SFP+
NX-PBPT-1L-2PQ+2x 40G QSFP+

NEOXPacketTiger - NX-PBPT-1L - Network Packet Broker - NMC-Module x3
NMC-Module für NEOXPacketTiger NX-PBPT-1L-20/40/100


Network Packet Broker with
5x 10M/100M/1000M Ethernet RJ45 Ports
+ 4x 1G/10G Ethernet SFP+ Ports
+ 2x 1G Ethernet SFP or RJ45 Ports

PacketTiger - NX-PBPT-1SCR - Network Packet Broker

The PacketTiger NX-PBPT-1SCR is a purpose-built Network Packet Broker designed for use in top-of-rack applications and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a stand-alone device in L2-L4 filtering applications.

To ensure seamless integration into your monitoring infrastructure, all PacketTigers offer a full API interface using Netconf.

TECHNICAL SPECIFICATIONS
  • 5x 10M/100M/1000M RJ45 Ports + 4x 1G/10G SFP+ Ports + optional 2x 1G SFP or 2x 1G RJ45 Ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 10M/100M/1000M and 1G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP Flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Support for up to 1,000,000 filter rules
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunnelling protocol
  • Load balancing based on 5-tuple criteria
  • Port Labeling
  • MPLS Stripping
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through Syslog und SNMP Traps
  • Digital Diagnostics Monitoring (DDM)
  • GTP Correlation + GTP inner IP Load-balancing + IMSI Filtering
  • Stripping of MPLS, PPPoE, VN-Tag, VX-LAN, GTP-U, GRE, L2TP
  • Deep Packet Inspection (DPI, license required)
  • Data Masking + Data Slicing (packet slicing)
  • IPFIX – Netflow Export (license required)
  • Deduplication
  • Packet Capture
  • Packet Replay
  • Timestamping
  • VLAN Editing
  • MAC Replace

Network Packet Broker with
8x 10M/100M/1G/10G Ethernet Ports

NEOX PacketTiger - NX-PBPT-1M - Network Packet Broker

The PacketTiger NX-PBPT-1M is a purpose-built Network Packet Brokers designed for data center and network perimeter use. The systems can be used to optimize port utilization of existing infrastructure, or as stand-alone devices in L2-L4 filtering applications.

To ensure seamless integration into your monitoring infrastructure, all PacketTigers offer a full API interface using Netconf.

TECHNICAL SPECIFICATIONS
  • 6x 10M/100M/1000M RJ45 ports and 2x 1G/10G SFP+ ports (PacketTiger NX-PBPT-1M)
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 10M/100M/1000M, 1G and 10G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP Flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Support for up to 1,000,000 filter rules
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunnelling protocol
  • Load balancing based on 5-tuple criteria
  • Port Labeling
  • MPLS Stripping
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through Syslog und SNMP Traps
  • Digital Diagnostics Monitoring (DDM)
  • GTP Correlation + GTP inner IP Load-balancing + IMSI Filtering
  • Stripping of MPLS, PPPoE, VN-Tag, VX-LAN, GTP-U, GRE, L2TP
  • Deep Packet Inspection (DPI, license required)
  • Data Masking + Data Slicing (packet slicing)
  • IPFIX – Netflow Export (license required)
  • Deduplication
  • Packet Capture
  • Packet Replay
  • Timestamping
  • VLAN Editing
  • MAC Replace


Network Packet Broker with
6x 10M/100M/1000M Ethernet RJ45 Ports
+ 2x 1G Ethernet SFP or RJ45 Ports

PacketTiger - NX-PBPT-1SC - Network Packet Broker

The PacketTiger NX-PBPT-1SC is a purpose-built Network Packet Broker designed for use in top-of-rack applications and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a stand-alone device in L2-L4 filtering applications.

To ensure seamless integration into your monitoring infrastructure, all PacketTigers offer a full API interface using Netconf.

TECHNICAL SPECIFICATIONS
  • 6x 10M/100M/1000M RJ45 ports – and optional 2x 1G SFP or 2x 1G RJ45 ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 10M/100M/1000M and 1G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP Flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Support for up to 1,000,000 filter rules
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunnelling protocol
  • Load balancing based on 5-tuple criteria
  • Port Labeling
  • MPLS Stripping
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through Syslog und SNMP Traps
  • Digital Diagnostics Monitoring (DDM)
  • GTP Correlation + GTP inner IP Load-balancing + IMSI Filtering
  • Stripping of MPLS, PPPoE, VN-Tag, VX-LAN, GTP-U, GRE, L2TP
  • Deep Packet Inspection (DPI, license required)
  • Data Masking + Data Slicing (packet slicing)
  • IPFIX – Netflow Export (license required)
  • Deduplication
  • Packet Capture
  • Packet Replay
  • Timestamping
  • VLAN Editing
  • MAC Replace

Contact Us
Unser Online-Shop

DOWNLOADS:

NEOXPacketTiger Family
Datasheet

NEOXPacketTiger Family Network-Packet-Broker - Datasheet Download
Customers who viewed this product were also interested in the following products:

PacketLion

HIGH PERFORMANCE
Network Packet Brokers

NEOXPacketLion Family - High Performance Network Packet Broker with High Port Density

PacketTigerVirtual

VIRTUAL
Network Packet Broker

PacketTigerVirtual - Virtual-Network Packet Broker

PacketWolf

ADVANCED
Packet Processing Appliance

PacketWolf - Paket Processing Appliance

We will be happy to consult you and look forward to hearing from you!