Call a Specialist Today! 844-294-0783

Brocade Flow Optimizer
Policy-based, Intelligent Flow Management


Overview:

As organizations continue their digital transformation, the underlying network becomes increasingly critical for supporting end user applications and services. With this increasing reliance on and use of network infrastructure to support increasing and dynamic IT workloads, network traffic, service complexity, and security become more taxing. Network managers face network performance and reliability challenges, including security-related attacks and breaches, resulting in service disruptions that can occur at any moment.

Organizations can use Brocade Flow Optimizer to proactively help increase network efficiency, improve resource utilization, mitigate network attacks, and significantly reduce network congestion. The Brocade Flow Optimizer is an easy to deploy open Software-Defined Networking (SDN) application that detects and manages large Layer 2 through Layer 4 traffic flows in service provider and enterprise networks. By defining policies for proactive monitoring and automated management of large traffic flows and programming those policies into Brocade Flow Optimizer to optimize their network infrastructure, organizations can perform the following:

  • Detect and mitigate threats in the network quickly and efficiently with:
    • Real-time programmability of the network
    • Support for BGP Remote Triggered Black Hole (RTBH)
    • Integration with third-party security and analytics platforms
  • Monitor, tune, and map network flows for intelligent Service Level Agreement (SLA) management with:
    • Profile granularity and enhanced flow reporting
    • OpenFlow statistics
    • Logical Port/MPLS LSP selection
    • Ease of manageability and visualization via GUI

The Brocade Flow Optimizer application is supported by the Brocade MLX® Series Routers as well as the Brocade ICX Switches. The application comes with a Web-based Graphical User Interface (GUI) that provides simple profile configurations and a detailed view of the dashboard and associated settings. Additionally, REST APIs facilitate customized integration into existing network environments and cloud orchestration systems.

Highlights

  • Helps improve business agility by streamlining network operations via policy-driven visibility and control of network flows
  • Provides distributed attack mitigation by programmatically sensing and clipping DDoS flows at router and switch ports
  • Extracts network-wide visibility of Layer 2 through Layer 4 traffic flows through sFlow and OpenFlow collected from network devices
  • Delivers real-time control of flows (drop, meter, remark, mirror, normal forward) through OpenFlow rules pushed to entire network for deterministic forwarding driven by policy
  • Automates policy applied via an embedded GUI or through an open API

Detection and management of large L2-L4 traffic flows

  • Remarking QoS priorities for traffic flows
  • Redirecting flows
  • Rate Limiting (metering) flows
  • Discarding flows

Detection and management of large L2-L4 traffic flows

Intelligent Policy-Based Large Flow Management

The Brocade Flow Optimizer application gives you insights into your network traffic by viewing large L2 through L4 traffic flows. The application improves visibility and control while offering new levels of network automation. With this added network intelligence, you can increase network efficiency, proactively improve capacity planning, and eliminate network congestion.

Real-Time Flow Management

Real-Time Flow Management

Identify large L2-L4 traffic flows while simplifying decision-making and gaining better control of your network, improve network downtime planning for implementing network upgrades while enhancing threat mitigation by identifying good versus bad flows, and supporting multiple 200G flows at a time.

Increased Network Agility

Increased Network Agility

Increase your service velocity and granular service-level agreements (SLAs) with proactive traffic engineering that enables an improved customer experience while eliminating expensive network failures and incidents.

Open SDN Architecture

Open SDN Architecture

Low-risk, modular solution supports OpenDaylight-certified controllers, leverages OpenFlow 1.3, supports Hybrid Port for OpenFlow and IP/MPLS, and uses REST APIs for automation capabilities.

Key Benefits:

Mitigate network attacks in near realtime

Brocade is committed to providing the best experience for transitioning to open SDN.

Avoid network congestion to help improve customer experience

Brocade Flow Optimizer detects large Layer 2 through Layer 4 traffic flows and proactively mitigates against the following types of attacks: NTP Reflection, UDP Flooding, DNS Reflection, ICMP Ping Flooding, Simple Service Delivery Protocol (SSDP), Character General (CharGEN), and Quote of the Day. This addresses a critical concern for organizations subscribing to Layer 2 and Layer 3 VPN services who want to ensure that large traffic flows are not high-volume network attacks that could impact and shut down the overall network.

In addition to stopping the DDoS attack at the ingress to the network, Brocade Flow Optimizer also supports Remote Triggered Black Hole (RTBH) using BGP. This well-known standards-based Internet operation enables Brocade Flow Optimizer to trigger the upstream router to drop offending traffic or redirect it to a cleaning site if the upstream link is congested above 50 percent by a DDoS attack. This automation of RTBH reduces mitigation time for an attack to a matter of minutes, as opposed to hours.

If advanced DDoS detection is required, Brocade Flow Optimizer also supports integration with third-party devices to assess application flow information through an open application programming interface (API.) Flow Optimizer mirrors flows to an IDS appliance for enhanced detection up to Layer 7, based on the IDS specific capability. Upon detection, an API from the IDS to the Flow Optimizer API initiates additional discard actions.

Avoid network congestion to help improve customer experience

Brocade Flow Optimizer can detect traffic flows and proactively remark, redirect, or meter specific flows according to established policies. This helps avoid network congestion, latency and network violations, thus helping ensure customer SLAs.

Improve operational and infrastructure efficiency

Brocade Flow Optimizer allows network and IT managers to identify and track network usage patterns. These reports can in turn be used to help run the business more efficiently such as to determine appropriate network downtime for planned network upgrades or to monitor end-user usage compared to subscribed service to maximize top line revenue.

Seamless deployment in the network for improved operations

Organizations can introduce Brocade Flow Optimizer into any Brocade ICX or MLXe network and easily solve immediate problems through the operational benefits of SDN without the need to develop software or understand SDN protocols. Additionally, leveraging Brocade Hybrid Port mode innovation, customers can seamlessly deploy this SDN capability alongside existing IP/MPLS services.

In this mode, the network can continue to forward most traffic using traditional forwarding methods and begin selectively applying SDN to report and control specific flows of traffic with Brocade Flow Optimizer. In doing so, organizations can protect their existing network infrastructure investments while evolving their networks and begin to realize the benefits of SDN to improve their network operational agility.

Easily deploy a production-ready nonproprietary solution

Brocade Flow Optimizer is a modular, open and non-proprietary, fully tested, quality-assured, and commercially supported application running under any Open Daylight-compliant SDN controller and is supported by the Brocade MLXe Series Core Routers and the Brocade ICX Campus Network Switches.

Simple and user-friendly interface with real-time network visibility

Access to Brocade Flow Optimizer is provided via an easy-to-install and intuitive web-based GUI. An application dashboard provides real-time graphical overviews of various traffic types and flows, showing multiple actions and events simultaneously.

Ease of integration with cloud orchestration systems

Brocade Flow Optimizer supports programmable REST APIs, which allow customers to facilitate configuration, operational and analytical IT DevOps automation, and integration with cloud orchestration systems.

Real-time events

Brocade Flow Optimizer allows event logging by application and with storage for up to one month. Once this limit is hit, the events are purged to clear space for logging of new events.

Support for large data center and network connections

Brocade Flow Optimizer handles multiple flows for traffic up to 200 Gbps to support large volumes of data center and network connections.

Brocade Global Services

Brocade Global Services has the expertise to help organizations build scalable, efficient cloud infrastructures. Leveraging 20 years of expertise in storage, networking, and virtualization, Brocade Global Services delivers worldclass professional services, technical support, and education services, enabling organizations to maximize their Brocade investments, accelerate new technology deployments, and optimize the performance of networking infrastructures.

Affordable Acquisition Options

Brocade Capital Solutions helps organizations easily address their IT requirements by offering flexible network acquisition and support alternatives. Organizations can select from purchase, lease, Brocade Network Subscription, and Brocade Subscription Plus options to align network acquisition with their unique capital requirements and risk profiles.

Maximizing Investments

To help optimize technology investments, Brocade and its partners offer complete solutions that include professional services, technical support, and education.

Features:


Features Details
Flow monitoring and reporting
  • Parse IPsec headers from the sFlow samples
  • Parse VXLAN headers (monitoring) and flow bandwidth estimation
  • Parse MPLS headers (monitoring) and flow bandwidth estimation
  • View OpenFlow statistics
  • Tag (flow naming) Learned Flows and User-defined Flows
  • Support manual user-defined actions
Flow aggregation and regeneration
  • Ingress port (in-port) for DROP and REDIRECT actions
  • OpenFlow Logical Interface
  • Ether type as a Layer 2 match criteria
  • MAC address mask for Layer 2 source and destination
  • VLAN modify and VLAN POP for redirect action
  • Wild cards in network attributes of profile
  • Wire tapping; local flow mirroring
  • SDN-based Flow TAP; configure multi-flows/multi-actions
Security and profiles
  • NTP Reflection profile
  • CharGEN profile
  • Custom profiles; support for up to 50
  • Automated BGP Remote Triggered Black Hole (RTBH)
  • Layer 7 integration with BRO and FireEye Networks
  • sFlow registration and device management
Manageability
  • HTTPS communication between Brocade Flow Optimizer and the Brocade SDN Controller
  • Advanced historical charts and graphs
  • Application infrastructure (Logging, Help, Support Save)
  • E-mail notifications
  • REST API support for third-party integration

Deployment:

Brocade Flow Optimizer Solution Components.
Figure 1: Brocade Flow Optimizer Solution Components.

Specifications:

The recommended system and required operating environment includes:

Brocade Flow Optimizer Specifications
Server
  • Linux
    • Ubuntu 14.0.4 (64 Bit), CentOS 7
    • Server must have in-band connectivity to Brocade MLXe Routers or Brocade ICX Switches to receive sFlow packets
Server CPU Intel Core: Four cores or equivalent
Server memory and storage
  • 16 GB RAM
  • 256 GB of free hard disk drive space
Brocade SDN Controller
  • • Brocade SDN Controller version 2.3.0
  • OpenDaylight Controller SR3
Switch/router firmware
  • NetIron OS version 6.0 (Brocade MLXe Router)
  • FastIron OS version 8.0.40.0 (Brocade ICX Switch)
Browser client Google Chrome

Documentation:

Download the Brocade Flow Optimizer Datasheet(PDF).