MPLS (Multiprotocol Label Switching) is a commonly used protocol created to enhance Internet Service Providers’ (ISPs’) networks with greater efficiency. As more and more ISPs are adopting MPLS nowadays, proper techniques should be applied to manage and analyze MPLS networks.
GenieATM 6000 MPLS series thus was developed to provide a flow-based solution for carrier-grade MPLS networks. Embedded with MPLS traffic modeling intelligence, GenieATM6000 MPLS can give ISPs clear traffic visibility to manage their networks with detailed analysis reports of traffic matrix between PE routers, P routers, VPNs and VPN sites. It can automatically detect anomaly activities and alert administrators to mitigate attacks that may cause the backbone network meltdown. Other powerful capacities such as GenieATM’s Snapshot and Forensic tools can further allow administrators to drill down reports of any VPN, VPN sites, MPLS labels, etc. With all details considered and thought through, GenieATM 6000 MPLS is definitely your best choice for carrier-grade MPLS VPN network traffic visibility.
Distributed Architecture with Centralized Control
GenieATM6000 MPLS provides optimal network management solution for large scale networks via simple system configuration. Like all the other GenieATM series, its scalable and distributable architecture lends itself well to the “buy as you grow” approach, allowing ISPs to add additional Collectors as their network environments expand. This also can apply to the networks which don’t have the capacity to export MPLS-aware flow records, by deploying GenieATM Info Extractor near P/PE routers; it can extract the data while not impacting the network infrastructure.
Traffic Mining with Intelligent Traffic Models Built with a top notch traffic analysis engine, GenieATM6000 MPLS delivers superior performance in providing administrators network-wide traffic visibility. Featuring an intuitive user interface including various pre-defined traffic reports ready, GenieATM6000 MPLS offers the best solution for network management.
- Guarantee a smooth and intuitive user experience via real-time TopN ranking within any specified time duration. The built-in traffic aggregation engine enhances accuracy of traffic analysis for ISP high traffic volume environments.
- Generate meaningful traffic reports by automatically analyzing pre-defined network flows (Backbone network, PE Routers, VPN, VPN site).
- Automatically discover new or changed interface and summarize a recommendation list for configuration updates.
- Provide traffic attribute reports on application, protocol +port, TOS Value, and packet Size.
- Enable users to customize reports through rule-based filtering tool and Top-N reports, enabling users to further drill down specific traffic details.
To service providers that continually seek ways to enhance network security, GenieATM 6000MPLS delivers the first-line protection for their network infrastructures. Embedded with Genie’s Network Behavior Analysis (NBA) Detection engine, GenieATM not only can analyze IP header information for anomaly signatures detection, but also can compare the real-time flow data with peace-time network traffic behaviors. It will send out alerts once suspicious traffic behaviors or possible DDoS attacks are detected, thus promising a safe environment for both the service provider backbone and VPN customers. The supported anomaly detections include:
- Traffic Anomaly: monitors a specific detection scope for unexpectedly generated enormous traffic to identify unknown network attacks (Zero-Day Attacks).
- Worm: detects known worms, such as Blaster, Sasser, Code Red, SQL Slammer, etc.
- DDoS Attack Detection: detects Protocol-Misuse anomalies, such as TCP SYN Flooding, UDP Flooding, ICMP Flooding, and enumerates possible attackers, victims and affected hosts.
- Interface Anomaly: monitors device performances, interface throughput, bandwidth utilization, (CRC) error packets, discard packets, and Multicast + Broadcast packets.
- BGP Route Instability: detects unexpected BGP routing changes or excessively-frequent BGP update messages.
Traffic Snapshot is a unique feature that enables service providers to inspect current traffic flows or historical data in an instant. As carrier grade networks usually have hundreds or thousands of links, it’s definitely a crucial matter when trying to nail down the certain locations and causes when problems occur. Thus with GenieATM’s Traffic Snapshot tool, users can have a real-time broad outlook on the traffic flows for suspicious activities. The users can then close in on the attacking traffic by repeatedly narrowing down the scope, applying different criteria and Top-N keys to pinpoint the root cause of problems.
|GenieATM 6300 MPLS||Controller with Collector embedded|
|GenieATM 6100 MPLS||Flow Collector|
All the above models are available in Genie appliances and in software versions supporting virtual machines.