Core Controller CC

1
Core Controller (CC)

• Arun George CISM, CISSP, BS7799LA, ITIL
• Technical Sales Manager GCC (Excl KSA) India

2
Agenda

• TippingPoints IPS solution for 10GbE network
• Opportunities
• Competition

3
Compelling Story

• TippingPoints first solution for IPS protection
  in a 10GbE network
• Pay as you grow model
• Most customers dont actually need full-duplex
  10Gbps. They are just installing infrastructure
  for future growth
• Very cost effective approach vs. having to buy a
  20Gbps IPS up-front
• N1 IPS redundancy
• Shared IPS stack in fully redundant networks
• HUGE savings when you are talking about 500K
  worth of IPS
• Designed for core networks
• Reliability and serviceability focus
• Cutting-edge performance
• We looked long and hard for a 3rd party product
  so we wouldnt have to build it ourselves. There
  is nothing comparable out there.

4
Terminology

• Segment
• Same as a segment on the IPS except that its
  10GbE
• Bump-in-the-wire where traffic passes through IPS
  inspection
• iLink
• 1GbE connections (1GbE x 2) to an IPS segment
• iLink Group
• All traffic from a segment is load balanced to
  the iLinks assigned to the segment

5
Major Features

• Hardware
• 2U, 2 post rack mountable
• 3x 10GbE segments (XFPs)
• Optional ZPHA modules
• 24x 1GbE iLinks (copper)
• 1GbE management port
• RJ45 serial port
• Dual hot-swappable power supplies
• ZPHA modules (10GbE)
• Optional
• 2 models multimode, single mode

• Packet Processing
• 20 Gbps load balancer
• Multiple algorithms
• IPS cluster per 10GbE segment
• Exception rules
• Jumbo packet rule
• IPS Compatibility
• 5000E/2400E (Rev D/E)

6
Pay As You Grow

• The only pay as your grow 10G IPS solution on the
  market!
• Fast - Safe - Grows with your need!

10G Egress
10G Egress
10G Ingress
10G Ingress
7
Without NIPS Active-Active Frame
Core Switch
Core Switch
Active
Active
Active
Active
Server Aggregation Switch
Server Aggregation Switch
8
With 10 GbE NIPS
Core
Core
Active
Active
Active
Active
TippingPoint inline protection with 10 Gbps
interfaces
TippingPoint inline protection with 10 Gbps
interfaces
Server Aggregation
Server Aggregation
9
4Gbps across the Frame/1Gbps per segment
Core
Core
Active
Active
Active
Active
TP Core Controller
TP Core Controller
TP2400E-C
TP2400E-C
Server Aggregation
Server Aggregation
10
8Gbps across the Frame/2Gbps per segment
Core
Core
Active
Active
Active
Active
TP Core Controller
TP Core Controller
Server Aggregation
Server Aggregation
11
8Gbps across the Frame/2Gbps per segment
Core
Core
Active
Active
Active
Active
TP Core Controller
TP Core Controller
TP5000E-C
TP5000E-C
Server Aggregation
Server Aggregation
12
16 Gbps across the Frame/4 Gbps per segment
Core
Core
Active
Active
Active
Active
TP Core Controller
TP Core Controller
Server Aggregation
Server Aggregation
13
32 Gbps across the Frame/8 Gbps per segment
Core
Core
Active
Active
Active
Active
TP Core Controller
TP Core Controller
Server Aggregation
Server Aggregation
14
Major Features

• Management
• Fully manageable via CLI
• SMS
• SOAP, SNMPv2, SNTP
• System and Audit Logs
• Remote-syslog

• Reliability
• ZPHA
• Nearly Hitless OS Update
• RMA
• L2FB
• Hardware watchdog timers
• On each ZPHA module
• FPGA (triggers L2FB)
• Monitoring iLink ports and IPS
• Heartbeat packets (Latency loss)
• Redundant hot-swappable power supplies
• Resource monitoring
• Voltage, temperature, fans, etc.

15
Reliability Serviceability

• ZPHA
• Optional module for 10GbE interfaces
• Module must match XFP type (multimode or
  single-mode)
• ZPHA is active during boot process until CC and
  IPSes are ready to process traffic
• Can be activated manually per segment
• Watchdog timer on each ZPHA module
• ZPHA will activate if TOS fails to service the
  watchdog in time

16
Swap ability

• When ZPHA module is used, you can replace the CC
  unit without bringing down the network
• Power down the CC (ZPHA kicks in)
• Remove ZPHA module from unit. Traffic continues
  to pass because of the ZPHA mirrors
• Replace the CC and reconnect iLinks
• Plug in the ZPHA module(s) and power on the CC
• As the unit boots, it remains in ZPHA mode until
  OBE is completed and is ready to pass traffic
• Net downtime for entire swapping process 2 link
  flaps

17
NIPS Opportunities
Protect WAN Perimeter
Protect Major Zones
Protect Core Network
Protect E-Commerce
Protect Remote Offices
Protect Business Applications Data
10Mbps 1Gbps
1Gbps 10Gbps
1Gbps 10Gbps
nx1Gbps nx10Gbps
18
10 GbE NIPS Opportunities
Protect WAN Perimeter
Protect Major Zones
Protect Core Network
Protect E-Commerce
Protect Remote Offices
Enterprises For Server Farm protection, between
the Core switches and the Server Aggregation
switches Telecom At the edge (Internet POPs),
Core and Server Farm
Protect Business Applications Data
10Mbps 1Gbps
1Gbps 10Gbps
1Gbps 10Gbps
nx1Gbps nx10Gbps
19
Competition

• Good News No actual competition in the 10 GbE
  NIPS market
• ISS No 10 Gbps. False claims on GX6116.pdf.
  Find Analysis.doc
• McAfee No 10 Gbps, though an announcement was
  made on 22/05/2007 (http//www.itcinstitute.com/di
  splay.aspx?id3647). Max is 2Gbps
• Cisco No 10 Gbps, max is 4 Gbps (Actually its 2
  Gbps)
• Juniper - No 10 Gbps, max is 1 Gbps
• Top Layer No 10 Gbps, max is 2 Gbps

20
Summary

• TippingPoints 10 GbE NIPS is a very
  Cost-Effective, Reliable and Pay-as-you-Grow
  model
• There are immense opportunities at the Enterprise
  and Telecom verticals
• The smallest deal of protecting Server Farm
  behind a CrissCross design of Core Switches
  Catalyst switches is 350K (2 x CCs 2 x
  TP2400s SMS)
• Good news, no competition !!!

21

• Thank You