NEOXPacketLion - Network Packet Broker Family

PacketLion NX-PBPL-3XL
400G Ethernet Network 32 Port
400G Ethernet Network 32 Port Packet Broker System PacketLion NX-PBPL-3XL

PacketLion NX-PBPL-2L
100G Ethernet Network 32 Port
NEOXPacketLion NX-PBPL-2L - 100G 32-Port Network Packet Broker

PacketLion NX-PBPL-2M
100G Ethernet Network 32 Port
NEOXPacketLion NX-PBPL-2M - 100G 32-Port Network Packet Broker

PacketLion NX-PBPL-1L
25G Ethernet Network 48 Port
25G Ethernet Network 48 Port Packet Broker System PacketLion NX-PBPL-1L

PacketLion NX-PBPL-1M
10G Ethernet Network 48 Port
NEOX Networks PacketLion - Network Packet Broker

PacketLion NX-PBPL-1S
10G Ethernet Network 48 Port
NEOX Networks PacketLion - Network Packet Broker

PacketLion Network Packet Broker - Feature Comparison Overview/Matrix

For companies with need for additional features and/or less port requirements
we also offer Network Packet Brokers from our PacketTiger product family

Why do I need a Network Packet Broker?

With a Network Packet Broker, also known as a Data/Network Monitoring Switch or Matrix Switch, you are able to provide your analysis and monitoring systems with all data streams of Network TAPs or other data sources distributed in the network reliably and in aggregated form.

The Network Packet Broker acts as a link between the access point in your network and, for example, your security tool. Depending on the version, it supports all common transceiver standards, from 1 Gigabit SFP slots to the widespread 10 Gigabit SFP+ interfaces to the high-performance QSFP-DD connections, which allow bandwidths of up to 400 Gigabit per interface.

Using dedicated ASIC hardware, which is used in every Network Packet Broker, both simple and complicated filter rules can be created to ensure an optimised data flow towards the analysis systems.

Network Packet Broker Environment Diagram - with Network TAPs, Liveaction Omnipeek, Extrahop, ZEEK, Wireshark
Network Packet Broker Deployment Examples

Here you can filter out unwanted data packets or even entire data streams that are not required for the evaluation and thus reduce the overall load. This enables you to filter incoming data volumes from measuring points, which may be distributed over several 10G, 100G or even 400G lines, almost latency-free in real time.

This allows you to continue to make optimal use of your existing 1G or 10G monitoring infrastructure and directly discard data that is not of interest without creating additional load on your monitoring systems.

Network Packet Broker Features
Network Packet Broker Features

GETTING THE MOST OUT OF LOAD BALANCING

Dynamic Load Balancing

In addition to the regular filtering options of a Network Packet Broker, these also offer an automated, load-based distribution of data, known as “Load Balancing”. Here, several analysis and monitoring systems are combined in a virtual port group and defined as a logical target.

Intelligent flow detection makes it much easier to monitor asymmetric networks or even redundant connections in a holistic manner, since the Network Packet Broker will always reassemble packets through flow detection and always output them to the correct analysis tool.

If a participant of this “Load Balancing” group fails for any reason, the Network Packet Broker detects this and automatically distributes the data to the remaining participants of that very group.

A combination of a heartbeat packet and percentage load detection, combined with intelligent flow and data volume detection, helps the Network Packet Broker to detect and exclude failed systems from the distribution, as well as load-based distribution in addition to flow-based distribution.

All these features and mechanisms can be combined to get the most out of your analysis and monitoring infrastructure. (see Use monitoring resources more effectively thanks to intelligent Load Balancing)

Dynamic Load Balancing on 4 Network Forensics Appliances
Case Example 1:
Dynamic Load Balancing to 4 Network Forensics Appliances

Dynamic load balancing on 3 network forensics appliances - after failure of the 4th network forensics appliance
Case Example 2:
Dynamic Load Balancing to 3 Network Forensics Appliances
after failure of the 4th Network Forensics Appliance

FILTER CHANGE MADE EASY

Filtering & Tagging

Corresponding filter options were already mentioned at the beginning, but what does this mean in detail?

The Packet Broker filters control the traffic flow and can: Deny traffic, Pass all traffic, Pass traffic based on certain criteria and Tag packets.
Packet Broker’s VLAN filters can tag packets, remove tags from packets, and truncate packets.

Using a Network Packet Broker you are able to filter the data to OSI level 2 to 4 before passing it on to the analysis tool to reduce the load on that very analysis tool. The setting possibilities are manifold, e.g.:

  • Layer 2: Source MAC address, Destination MAC address, Ethernet Type, VLAN, MPLS, VXLAN etc.
  • Layer 3: Source IP address, Destination IP address, IP address ranges and subnets, IPv4 and IPv6, fragments etc.
  • Layer 4: TCP or UDP source and destination ports etc.
  • Layer 2-7: UDF (User Defined Filter) – Offset Filtering (Up to 6 Offset’s can be defined, 128Byte to Layer 2-4)

If you are in the situation that the information you are looking for is not available with regular filters, our Network Packet Brokers offer the so-called UDF filtering in addition to the regular filtering options between OSI layer 2 and 4 mentioned above.

UDF stands for “User Defined Filtering” and allows the user to search for specific values or Ethernet fields in each individual packet by pattern matching.

Packet-Filtering with a Network Packet Broker
Packet Filtering with a Network Packet Broker

DATA PROTECTION AND NETWORK PROTECTION GO HAND IN HAND

Packet Slicing

Often the gap between, on the one hand, the capacity of the recording analysis system and, on the other hand, the amount of incoming data is so large that, without appropriate additional mechanisms, the analysis system will most likely not be able to record all individual packets without loss.

And this is exactly where the “Packet Slicing” feature comes into play: with this method it is possible to reduce the incoming data load on your analysis system by up to 87% (at 1518 bytes packet size andPacket Slicing at 192 bytes) by simply removing the payload data from each packet.

And removing user-related data from Ethernet packets can also be beneficial for GDPR compliance. Using Packet Slicing, this is also easily possible.

You can also find more information about this in our blog article Stay at the cutting edge thanks to Packet Slicing.

Network Packet Broker with packet slicing function
Packet Slicing with a Network Packet Broker

AGGREGATION AND REGENERATION MODES

In addition, the Network Packet Brokers from our PacketLion series naturally also offer you the familiar operating modes:
Aggregation

  • Aggregation N:1 – Aggregation is used to combine the data from several measuring points and pass it on to one or more analysis systems. The Port Labeling function is particularly useful here, as it allows you to identify the physical source of the network traffic after aggregation at your analysis tool, despite correlation.
    • Any-to-Any Configuration
    • Easy monitoring of EtherChannel (connected links)
    • Aggregate network traffic to single or multiple tools

Regeneration

  • Regeneration 1:N – In this method, data packets are multiplied to x ports, thus the data of a measuring point can be made available to several analyzers.
    • Deliver data to all monitoring tools
    • Double your data ports with passive Fiber / Fiber TAPs in 1G / 10G / 40G / 100G

Of course, these modes can be combined not only with each other, but also with the above features such as load balancing and filtering. Even a combination of all features is possible and is always and exclusively done at full line rate, without bottleneck and without limitations in speed.

Network Packet Broker Aggregation Mode
Network Packet Broker Aggregation Mode

Network Packet Broker Regeneration Mode
Network Packet Broker Regeneration Mode

HIGH FLEXIBILITY THROUGH SFP CONNECTIVITY

Multimode SFP+ Transceiver

When it comes to connectivity, you also get maximum flexibility and scalability with our Network Packet Brokers from the PacketLion product range.

Not only do our Network Packet Brokers support dual-rate or multi-speed transceivers, which allow both 1G and 10G connections to be negotiated via the same SFP+ transceiver. Depending on the model, it is possible to connect up to 32x 400G connections.

Using special breakout cables, even up to 128x 10G connections can be combined in a single, 1U high Network Packet Broker, depending on the model.

Furthermore, the port splitting function helps you to use an interface several times, which allows you to significantly increase the number of usable ports without additional costs.

EASY TO OPERATE AND SIMPLE TO CONFIGURE

NEOXPAcketLion GUI Screenshot - Port Configuration

The complete setup and configuration of the devices is done either via an intuitive (drag’n drop) and easy-to-use graphical interface (GUI via HTTPS) or a command line based interface (serial or SSH).

Both management options put user-friendliness and ease of use at the top of the list and allow you to set up the Network Packet Broker within a very short time. Both the drag’n’drop function of the GUI and the automatic character completion on the CLI allow the user to create complicated and interlocking rule sets, even as a novice.

In addition, NEOX NETWORKS’ Network Packet Brokers offer an API interface called NETCONF, which allows you to administer multiple systems simultaneously and to automate filtering rules and other tasks.

For the purpose of administration and monitoring, common network tools such as Syslog and SNMPv2/3 are also available, with which the Network Packet Brokers can be easily administered. RADIUS and TACACS for central user administration are also supported.

TIME STAMPING LIKE THE PROS

Timestamping-Funktion verfügbar

Some of our Network Packet Broker models also support nanosecond hardware time stamping.

This feature can be very helpful to measure latencies in the network.

Our PacketLion Models


400G Ethernet Network 32 Port
Packet Broker System PacketLion NX-PBPL-3XL

400G Ethernet Network 32 Port Packet Broker System PacketLion NX-PBPL-3XL
PacketLion NX-PBPL-3XL

The PacketLion NX-PBPL-3XL is a purpose-built network packet broker designed for data center and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a standalone device in L2-L4 filtering applications. To ensure seamless integration into your monitoring infrastructure, all PacketLions offer a full API interface using Netconf.

There are no additional license fees per port and the device is compatible with MSA compliant QSFP-DD pluggables / transceivers. Flexible port speeds (port splitting) can be scaled according to network requirements (10G / 25G / 40G / 50G / 100G / 200G) and changed within the interface.

TECHNICAL SPECIFICATIONS
  • 32x 40G/100G/200G/400G QSFP-DD ports
  • 64x 40G/200G possible via fan out cable on QSFP-DD ports
  • 128x 10G/25G/50G/100G possible via fan out cable on QSFP-DD ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 1G, 10G, 25G, 40G, 50G, 100G, 200G, and 400G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Line rate performance without packet loss
  • Non-blocking backplane architecture with N+1 redundancy
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunneling protocol
  • Load balancing based on 5-tuple criteria
  • Port splitting (simplex mode)
  • Port Labeling
  • Support for Jumbo Frames
  • Timestamping
  • Digital Diagnostics Monitoring (DDM)
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through syslog and SNMP traps
  • N+1 redundant, hot-swappable fans
  • Hot-swappable, load-sharing and redundant AC/DC power supplies
  • Packet slicing


Download PacketLion NX-PBPL-3XL Datasheet
Request a Quote


100G Ethernet Network 32 Port
Packet Broker System PacketLion NX-PBPL-2L

NEOXPacketLion NX-PBPL-2L - 100G 32-Port Network Packet Broker
PacketLion NX-PBPL-2L

The PacketLion NX-PBPL-2L is a purpose-built network packet broker designed for data center and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a standalone device in L2-L4 filtering applications. To ensure seamless integration into your monitoring infrastructure, all PacketLions offer a full API interface using Netconf.

There are no additional license fees per port and the device is compatible with MSA compliant QSFP28 pluggables / transceivers. Flexible port speeds (port splitting) can be scaled according to network requirements (10G / 25G / 50G) and can be changed within the interface.

TECHNICAL SPECIFICATIONS
  • 32x 40G/100G QSFP28 ports
  • 64x 50G or 128x 10G/25G possible via fan out cable on QSFP28 ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 1G, 10G, 25G, 40G and 100G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Line rate performance without packet loss
  • Non-blocking backplane architecture with N+1 redundancy
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunneling protocol
  • Load balancing based on 5-tuple criteria
  • Port splitting (simplex mode)
  • Port Labeling
  • Timestamping
  • Support for Jumbo Frames
  • Digital Diagnostics Monitoring (DDM)
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through syslog and SNMP traps
  • N+1 redundant, hot-swappable fans
  • Hot-swappable, load-sharing and redundant AC/DC power supplies
  • MPLS Stripping
  • Packet slicing


Download PacketLion NX-PBPL-2L Datasheet
Request a Quote


100G Ethernet Network 32 Port
Packet Broker System PacketLion NX-PBPL-2M

PacketLion Network Packet Broker NX-PBPL-2M
PacketLion NX-PBPL-2M

The PacketLion NX-PBPL-2M is a purpose-built network packet broker designed for data center and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a stand-alone device in L2-L4 filtering applications. To ensure seamless integration into your monitoring infrastructure, all PacketLions offer a full API interface using Netconf.

There are no additional license fees per port and the device is compatible with MSA compliant QSFP28 pluggables / transceivers. Flexible port speeds (port splitting) can be scaled according to network requirements (10G / 25G / 50G) and can be changed within the interface.

TECHNICAL SPECIFICATIONS
  • 32x 40G/100G QSFP28 ports
  • 64x 50G or 128x 10G/25G possible via fan out cable on QSFP28 ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 1G, 10G, 25G, 40G and 100G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Line rate performance without packet loss
  • Non-blocking backplane architecture with N+1 redundancy
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunneling protocol
  • Load balancing based on 5-tuple criteria
  • Port splitting (simplex mode)
  • Port Labeling
  • Support for Jumbo Frames
  • Digital Diagnostics Monitoring (DDM)
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through syslog and SNMP traps
  • N+1 redundant, hot-swappable fans
  • Hot-swappable, load-sharing and redundant AC/DC power supplies


Download PacketLion NX-PBPL-2M Datasheet
Request a Quote


25G Ethernet Network 48 Port
Packet Broker System PacketLion NX-PBPL-1L

25G Ethernet Network 48 Port Packet Broker System PacketLion NX-PBPL-1L
PacketLion NX-PBPL-1L

The PacketLion NX-PBPL-1L is a purpose-built network packet broker designed for use in top-of-rack applications and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a stand-alone device in L2-L4 filtering applications. To ensure seamless integration into your monitoring infrastructure, all PacketLions offer a full API interface using Netconf.

There are no additional license fees per port and the device is compatible with MSA compliant SFP28 or QSFP28 pluggables / transceivers. Flexible port speeds (port splitting) for the 8 additional QSFP28 ports can be scaled according to network requirements (10G / 25G / 50G) and can be changed within the interface.

TECHNICAL SPECIFICATIONS
  • 48x 1G/10G/25G SFP28 ports and 8x 40G/100G QSFP28 ports
  • 16x 50G or 32x 10G/25G possible via fan out cable on QSFP28 ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 1G, 10G, 25G, 40G and 100G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Line rate performance without packet loss
  • Non-blocking backplane architecture with N+1 redundancy
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunneling protocol
  • Load balancing based on 5-tuple criteria
  • Port splitting (simplex mode)
  • Port Labeling
  • Timestamping
  • Support for Jumbo Frames
  • Digital Diagnostics Monitoring (DDM)
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through syslog and SNMP traps
  • N+1 redundant, hot-swappable fans
  • Hot-swappable, load-sharing and redundant AC/DC power supplies
  • MPLS Stripping
  • Packet slicing


Download PacketLion NX-PBPL-1L Datasheet
Request a Quote


10G Ethernet Network 48 Port
Packet Broker System PacketLion NX-PBPL-1M

NEOX Networks PacketLion - Network Packet Broker
PacketLion NX-PBPL-1M

The PacketLion NX-PBPL-1M is a purpose-built network packet broker designed for use in top-of-rack applications and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a stand-alone device in L2-L4 filtering applications. To ensure seamless integration into your monitoring infrastructure, all PacketLions offer a full API interface using Netconf.

There are no additional license fees per port and the device is compatible with MSA compliant SFP+ or QSFP28 pluggables / transceivers. Flexible port speeds (port splitting) for the 6 additional QSFP28 ports can be scaled according to network requirements (10G / 25G / 50G) and can be changed within the interface.

TECHNICAL SPECIFICATIONS
  • 48x 1G/2,5G/10G SFP+ ports and 6x 40G/100G QSFP28 ports
  • 12x 50G or 24x 10G/25G possible via fan out cable on QSFP28 ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 1G, 2.5G, 10G, 25G, 40G and 100G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Line rate performance without packet loss
  • Non-blocking backplane architecture with N+1 redundancy
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunneling protocol
  • Load balancing based on 5-tuple criteria
  • Port splitting (simplex mode)
  • Port Labeling
  • Support for Jumbo Frames
  • Digital Diagnostics Monitoring (DDM)
  • Radius and TACACS+
  • Modular due to SFP+/QSFP28 interfaces
  • Logging through syslog and SNMP traps
  • N+1 redundant, hot-swappable fans
  • Hot-swappable, load-sharing and redundant AC/DC power supplies
  • MPLS Stripping
  • Packet Slicing


Download PacketLion NX-PBPL-1M Datasheet
Request a Quote


10G Ethernet Network 48 Port
Packet Broker System PacketLion NX-PBPL-1S

NEOX Networks PacketLion - Network Packet Broker
PacketLion NX-PBPL-1S

The PacketLion NX-PBPL-1S is a purpose-built network packet broker designed for use in top-of-rack applications and network perimeter use. The system can be used to optimize port utilization of existing infrastructure, or as a stand-alone device in L2-L4 filtering applications. To ensure seamless integration into your monitoring infrastructure, all PacketLions offer a full API interface using Netconf.

There are no additional license fees per port and the device is compatible with MSA compliant SFP+ or QSFP+ pluggables / transceivers. Flexible port speeds (port splitting) for the 6 additional QSFP+ ports can be scaled according to network requirements (10G) and can be changed within the interface.

TECHNICAL SPECIFICATIONS
  • 48x 1G/2,5G/10G SFP+ ports and 6x 40G QSFP+ ports
  • 24x 10G possible via fan out cable on QSFP+ ports
  • Flexible port mapping (1:1, N:N, N:1, 1:N)
  • Aggregation of 1G, 2.5G, 10G, 25G and 40G network ports
  • Support for filtering rules (MAC, VLAN, IPv4/IPv6, TCP/UDP, DSCP, TCP flags, MPLS)
  • Filtering within a tunnel (GTP, L2TP, MPLS, GRE, etc.)
  • Aggregation and regeneration of all network traffic
  • Support for user-defined filtering rules (UDF)
  • Multiple management options (CLI, SSH, SNMP V2/V3, WEB UI, Net CONF and REST API)
  • Line rate performance without packet loss
  • Non-blocking backplane architecture with N+1 redundancy
  • Clustering of multiple Network Packet Broker systems
  • Support for L3GRE tunneling protocol
  • Load balancing based on 5-tuple criteria
  • Port splitting (simplex mode)
  • Port Labeling
  • Support for Jumbo Frames
  • Digital Diagnostics Monitoring (DDM)
  • Radius and TACACS+
  • Modular due to SFP+/QSFP+ interfaces
  • Logging through syslog and SNMP traps
  • N+1 redundant, hot-swappable fans
  • Hot-swappable, load-sharing and redundant AC/DC power supplies


Download PacketLion NX-PBPL-1S Datasheet
Request a Quote

NEOXPacketLion Hard Case for Transport

We also offer special transport cases/trolleys for our PacketLion models.

NEOXPacketLion Hard Cases/Trolleys for Transport

Contact Us
Unser Online-Shop

DOWNLOADS:

NEOXPacketLion Product-Family - Datasheet Download
DATASHEET
NEOXPacketLion Family
NEOXPacketLion NX-PBPL-3XL - Datasheet Download
DATASHEET
NEOXPacketLion NX-PBPL-3XL
Datasheet PacketLion NX-PBPL-2L Network Packet Broker
DATASHEET
NEOXPacketLion NX-PBPL-2L
Datasheet PacketLion NX-PBPL-2M Network Packet Broker
DATASHEET
NEOXPacketLion NX-PBPL-2M
Datasheet-Cover_PacketLion_NX-PBPL-1L_EN
DATASHEET
NEOXPacketLion NX-PBPL-1L
Datasheet-Cover_PacketLion_NX-PBPL-1M_EN
DATASHEET
NEOXPacketLion NX-PBPL-1M
Datasheet-Cover_PacketLion_NX-PBPL-1S_EN
DATASHEET
NEOXPacketLion NX-PBPL-1S
Customers who viewed this product were also interested in the following products:

PacketTiger

NEXT-GENERATION
Network Packet Brokers

PacketTiger Product Family - Network Packet Broker

PacketTigerVirtual

VIRTUAL
Network Packet Broker

PacketTigerVirtual - Virtual-Network Packet Broker

PacketWolf

ADVANCED
Packet Processing Appliance

PacketWolf - Paket Processing Appliance

We will be happy to consult you and look forward to hearing from you!