"We want to look at this in a new way," says Prashant Gandhi, vice president of product management and strategy at Big Switch. "We will copy traffic to monitoring tools using SDN software and off-the-shelf switches. With the same budget you can monitor 3x, 4x the traffic."
Customers should "move NPBs to the sideline" as a service node where 20% of the network's traffic will be routed for service chaining before it goes to a monitoring tool, Gandhi says.
"Those few features where you need NPBs you can always attach it to the side," he says.
Python scripts can also be created to program copies of flows to other devices network-wide vs. configuring each NPB through a command line interface, Gandhi says. Such manual configuration "adds another level of complexity to making the environment provisionable," he says.
If Big Tap 4.5 emerges in six months, it'll be six months behind in functionality compared to NPBs, says Andrew Harding, vice president of products at NPB maker VSS Monitoring.
"Tomorrow they'll claim what a broker did yesterday," Harding says. "[Big Switch] is an SDN start-up trying to do something new because they couldn't do the first thing they tried. If you need a packet broker, look to a packet broker vendor."
VSS says that an open source application for managing SDNs like Big Tap or the Open Network Foundation's OpenFlow-based SampleTap -- is OK for simple use cases, such as experimentation in educational and lab deployments. In this role, it can serve as a starting point for software and network engineers learning about networking and SDNs, or as a cost-effective low- to mid-performance SDN monitoring system.
But SDN applications alone fail to provide the visibility and security required for large scale networks, VSS claims.
"Today, an SDN system can't do what a packet broker can do," Harding says. "They can't provide you with physical taps, or tap into an SDN other than their own. Use OpenFlow for the lab but a network packet broker for your production network."
Nonetheless, VSS Monitoring has partnered with IBM to offer an OpenFlow-based monitoring fabric for SDNs employing IBM's 5000V virtual switch. Harding says VSS Monitoring NPBs can also instrument virtual switches from Cisco and VMware through a combination of the IBM virtual distributed switch and VSS Monitoring's Optimizer 2400 hardware.
Both Cisco and VMware virtual switches provide access to their virtual mirror or SPAN ports. The IBM vSwitch in the host server directs traffic from the virtual SPAN port to the physical monitoring infrastructure, thereby providing both physical and virtual network visibility in an out-of-band unified visibility plane, Harding says.
NPBs can be also be meshed and load balanced into a networkwide fabric. This is in contrast to a "stack of a bunch of commodity switches, each with a power supply that can fail" serving as an SDN TAP, Harding says.
Sign up for CIO Asia eNewsletters.