l DATA SHEET l
nGenius 4200 Series Packet
Flow Switch
Hardware-accelerated Packet Optimization for Performance
Monitoring and Security Systems on 40G Networks
Product Description
HIGHLIGHTS
• 2 Rackmount Unit (RU) chassis with hotswappable architecture
• 640 Gbps unidirectional (1.28 Tbps
bidirectional) throughput and nonblocking switching fabric
• Up to 4 swappable chassis modules
• Up to 64 non-blocking ports of 1GE and/
or 10GE per chassis
• Up to 16 non-blocking ports of 40GE
per chassis
• Line rate performance on all features,
including rate conversion, aggregation,
replication, filtering, load balancing, port
tagging, time stamping, de-duplication,
protocol stripping, conditional masking
and slicing, encapsulate filtering and
balancing, and tunneling over TCP/IP
• IP Tunnel termination (e.g. ERSPAN,
NVGRE)
• Intelligent fully meshed stacking/
interconnect (vMesh)
• Management via command line, XML
API, and graphical user interfaces for
local and remote access
• NEBS III Compliant
The nGenius® 4200 series packet flow switch (PFS) is a NEBS level III compliant, highly scalable
modular system that bridges the gap between 1G/10G and 40G Ethernet networks and tools.
The nGenius 4204 packet flow switch model consists of a 2RU chassis that supports up to four
chassis modules, with each module supporting up to 160 Gbps throughput – for a chassis total
of 640 Gbps of unidirectional (or 1.28 Tbps of bidirectional) throughput and up to 64 ports. All
ports on each chassis module are enabled by default, with each port configurable as a network
traffic, intermediate (service), or monitoring tool port.
With the vMesh self-organizing architecture, traffic capture devices can be deployed in a
redundant, low-latency meshed architecture for dynamic and fault-tolerant visibility that can
scale to over 40001 ports across LAN and WAN environments.
Delivery Optimization
Beyond scalable aggregation, replication, and speed conversion, nGenius 4204 packet flow
switch supports line rate hardware-based packet filtering and session-based load balancing of
packets to tools.
User-independent filtering allows traffic to be distinguished according to source and/or
destination MAC address, IP address, SCTP/TCP/UDP port, as well as by specific protocols, such
as HTTP, VoIP (SIP, RTP), and others. A custom filter enables more granularity, specifically within
the payload of a packet. Filters can be ingress, egress, and overlapping.
Session-based, flow-aware load balancing enables user control of traffic distribution to
monitoring tools, increasing output capacity while maintaining session integrity. For example, a
40G network can be captured and automatically balanced across multiple 10G or 1G monitoring
tool ports based on user-defined session criteria. The load balancing can operate in tandem
with hardware-based filtering or independently.
Total number of ports in a single vMesh is dependent on quantity and complexity of filtering.
1
nGenius 4204 PFS| Up to 64 Port 1/10 GE or up to 16 Port 40 GE
PACKET FLOW SWIT C H
l DATA SHEET l nGenius 4200 Series Packet Flow Switch
Packet Optimization
In addition to delivering the right traffic to the right tools, nGenius 4200 series packet flow
switch optimizes the packets themselves to improve the efficiency and effectiveness of the
monitoring applications.
nGenius 4200 series packet flow switch advanced hardware-acceleration enables packets to be
optimized at line-rate, with minimal latency and with negligible jitter, for a broad range of functions,
which include removal of duplicate packets, removal of tunneling or encapsulation protocol
headers, removal of undesired (or authorized) payload, addition of a timestamp, and others.
Security Optimization
To take action as offenders and bad actors are detected, the active inline security tools need to see
and handle all the traffic that needs to be inspected.
nGenius 4204 packet flow switch with vProtector mode allows aggregation, filtering, and loadbalancing of actual network traffic toward multiple inline security applications whilst maintaining
only a single intrusion into each network link. The integration of PowerSafe chassis modules
ensures that the security policies are adhered to during power failure, and the deployment of
application-specific health checks (not just heartbeats) in conjunction with policy-based triggering
facilitates automatic failure scenarios including high availability.
Management
The nGenius 4200 series packet flow switch can be locally managed via a serial console and
remotely managed via a Web GUI, CLI, XML API, and Management Center (vMC™) using HTTP,
HTTPS, SSH, or Telnet. Users can monitor the system via use of Syslog and SNMP.
All PFS devices support field software updates for additional features and performance
enhancements. The vMC supports full management and configuration of nGenius 4200 series
packet flow switch, as well as nGenius 2200 series packet flow switch and nGenius 6000 series
packet flow switch devices.
The nGenius packet flow switch series, including nGenius 4204 packet flow switch, also provide
automated event-driven monitor output traffic direction and responses (Syslog messages, SNMP
traps, light front LED, deactivate ports) with a variety of user-definable trigger event types.
Power and Compliance
nGenius 4200 series packet flow switch is NEBS III compliant; it is available with hot-swappable
power supplies, fans, air filters, and chassis modules. Redundant power supplies allow seamless
transitions between power systems to ensure uptime.
PACKET FLOW SWIT C H
2
l DATA SHEET l nGenius 4200 Series Packet Flow Switch
Features and Benefits
Features
Benefits
Up to 64 line-rate ports in 2RU
Highly scalable and modular system:
• 64 x 1G/10G
• 16 x 40G
• Mix of 1G/10G/40G
•
•
•
•
Compatible with SFP, SFP+, QSFP+ MSA compliant transceivers including
direct attach copper and active fiber cables.
I/O configurable
• Full flexibility in selecting ports for network access, intermediate
service, interconnect, or monitor output
• IP tunnel (e.g. ERSPAN, GRE, NVGRE/L2GRE) termination
Selective aggregation
• Fully flexible any-to-any port mapping
Hardware-based filtering
•
•
•
•
•
•
User-independent
OSI Layers 2-7
Custom offset
Ingress
Egress
Overlapping
Session-based/flow-aware load balancing
• Distributes traffic load across multiple instances of a tool or tool port
• Maintains session stickiness for full conversations
• Up to 32 ports per group
Monitor traffic port tagging
• Provides identification of traffic based on source network/link using
–– VLAN tagging, or
–– Port stamping
Microburst mitigation
• High Data Burst Buffering
Microburst detection
• vCapacity measurement
Hardware-based advanced packet optimization
• Accurate time stamping (from 4.5ns) for latency analysis
• Selective removal of duplicate packets
• Protocol (Fabric Path, GRE, GTP, MAC-in-MAC, MPLS, NVGRE, TRILL,
VLAN, VN-tag, VXLAN) header removal for broader tool support
• Conditional packet masking (vMask™) for selective payload obfuscation
• Conditional packet slicing (vSlice™) for selective payload removal
• Adaptive load balancing of GTP, MPLS, and multi-VLAN
encapsulated traffic
vStack+®
• Enables vMesh architecture for local and remote interconnection of up
to 256 PFS devices3 as a single redundant system
• Works over LAN and WAN connections
Reduces per-port cost and increases flexibility
Condenses footprint (rack space)
Reduces power consumption
Simplifies management
• Enables agile response to monitoring infrastructure changes
• Allows virtualized traffic to be forwarded over an IP network to PFS
ingress ports, and then forwarded onto monitoring devices as is, or
de-encapsulated2
• Enables scalable aggregation to maximize agility and tool visibility
• Addresses asymmetrical routing issues
• Allows only “traffic of interest” to be forwarded to each tool, which
increases tool efficiency and reduces the number of required tool
interfaces
• Prevents oversubscription of monitoring tools and security systems –
eliminating blind spots without sacrificing session integrity
• 10G and 40G copied traffic can be easily distributed across multiple
lower speed tool ports, allowing users to preserve existing tool
investments
• Users can quickly and precisely pinpoint where an issue, such as
latency or security event, is occurring in the network
• Provides options for different tools to access port identification
• Prevents packet loss resulting from aggregation or speed conversion
of bursty traffic (microbursts)
• Provides capacity planning data to analyze traffic profiles
and burstiness
• Provides time-of-capture data, as well as greater granularity in
selecting traffic for tools, enabling tools to perform faster, more
effective analysis
• Minimizes amount of traffic volume to backhaul
• Ensures coherent forwarding of traffic to tools
• Enabling compliance to privacy regulations
• Ensures highly available monitoring
• Scales visibility with network infrastructure and new tools
Requires Advanced chassis module.
2
Total number of packet flow switches in a single vMesh is dependent on device sizes, number of ports, and complexity of filtering.
3
PACKET FLOW SWIT C H
3
l DATA SHEET l nGenius 4200 Series Packet Flow Switch
Features
Benefits
Active inline access and forwarding
•
•
•
•
•
•
•
•
•
•
Failsafe access using PowerSafe
Aggregation towards any tool, including AIA translation
Filtering and load balancing
Efficient inline tool chaining
Customizable health check packets and triggering
Policy-based event triggering and actions
• Dynamic traffic redirection based on occurrence of events
• Send alerts when specific events occur
Local and remote management
•
•
•
•
•
•
XML API
CLI (Telnet/SSH)
GUI (HTTP/HTTPS)
vMC (HTTP/HTTPS)
SNMP (v1, v2, v3)
Syslog
Role-based access
Maintains network uptime
Removes multiple points of failure
Gains visibility for a single inline security tool, e.g. security proxy, IPS
Easy deployment of layered security
Removes multiple points of failure including “positive” and
“negative” checks
• Policy-based automation reduces management overhead and enables
faster response times to incidents
• Easy to use via graphical interfaces or via CLI for users already familiar
with using CLIs
• Easy integration with applications using CLI or XML API
• Alerts can be received by any Syslog server or SNMP manager
• Conforms to security policy needs of IT organizations
• Multiple user support
• Flexible per-user privileges and access control
AAA security (RADIUS and/or TACACS+) and Local authentication
• Meets authentication policy needs of IT organizations
Network activity
• Packet statistics provided per port, for both Rx and Tx
• Packet counts, throughput (bps), utilization (%), bad/errored packets,
and packet drops
Warm swappable chassis modules
• Maintains high availability for 99.999% uptime (five-9s) or better
• Scales to meet changing needs
Redundant, universal power supply units
• Maintains high availability for 99.999% uptime (five-9s) or better
• AC and DC hot-swappable options
PACKET FLOW SWIT C H
4
l DATA SHEET l nGenius 4200 Series Packet Flow Switch
Chassis and Modules
nGenius 4204 PFS Components
Description
Base Chassis
Base 4-slot nGenius 4204 packet flow switch chassis, including:
•
•
•
•
•
•
•
1G/10G standard chassis module
2 x Management port
1 x Serial console port
1 x GPS port
1 x PTP port
1 x 1PPS port
2 x Power supply units (redundant)
1 x Fan tray
16 x 10G/1G SFP+ standard edition chassis module for nGenius 4204 packet flow switch
• Allows up to 64 x 10G/1G ports with base feature set
40G standard chassis module
4 x 40G QSFP+ standard edition chassis module for nGenius 4204 packet flow switch
• Allows up to 16 x 40G ports with base feature set
1G/10G Advanced chassis module
16 x 10G/1G SFP+ Advanced edition chassis module for nGenius 4204 packet flow switch
• Allows up to 64 x 10G/1G ports with advanced feature set
40G Advanced chassis module
4 x 40G QSFP+ Advanced edition chassis module for nGenius 4204 packet flow switch
Allows up to 16 x 40G ports with advanced feature set
1G/10G PowerSafe chassis modules
16 x LC Standard edition PowerSafe chassis modules for nGenius 4204 packet flow switch
• Allows up to 64 x 10G/1G ports with active Bypass or active TAP, and base feature set
• Multimode OM4 and Singlemode OS2 variants
40G PowerSafe chassis modules
4 x LC and MPO standard edition PowerSafe chassis modules for nGenius 4204 packet flow switch
• Allows up to 8 x MPO or 16 x LC 40G ports with active Bypass or active TAP, and base feature set
• Multimode OM4 MPO, Multimode OM4 BiDi LC, and Singlemode OS2 LC variants
AC Power Supply Unit
100 to 240V, 50/60 Hz AC Power Supply Unit (included in base chassis)
DC Power Supply Unit
-48V DC Power Supply Unit (included in base chassis)
Rear Fan Tray
Hot-swappable Rear Fan Tray
PACKET FLOW SWIT C H
5
l DATA SHEET l nGenius 4200 Series Packet Flow Switch
Product Specifications
Physical Characteristics
nGenius 4204 PFS Components
Height
Width
Depth
Weight
Base Chassis
2U (3.5 in. / 89 mm)
17.3 in. / 441 mm
27.5 in. / 699 mm
30.5 lb. / 13.8 kg
1G/10G standard chassis module
1.6 in. / 40 mm
6.9 in. / 174 mm
12.1 in / 308 mm
3.4 lb. / 1.54 kg
40G standard chassis module
1.6 in. / 40 mm
6.9 in. / 174 mm
12.1 in / 308 mm
3.1 lb. / 1.41 kg
1G/10G Advanced chassis module
1.6 in. / 40 mm
6.9 in. / 174 mm
12.1 in / 308 mm
4.2 lb. / 1.91 kg
40G Advanced chassis module
1.6 in. / 40 mm
6.9 in. / 174 mm
12.1 in / 308 mm
3.9 lb. / 1.77 kg
1G/10G PowerSafe chassis modules
1.6 in. / 40 mm
6.9 in. / 174 mm
12.1 in / 308 mm
3.6 lb. / 1.63 kg
40G PowerSafe chassis modules
1.6 in. / 40 mm
6.9 in. / 174 mm
12.1 in / 308 mm
3.3 lb. / 1.5 kg
AC Power Supply Unit
3.3 in. / 85 mm
4.2 in / 106 mm
9.2 in. / 234 mm
3.3 lb. / 1.5 kg
DC Power Supply Unit
3.3 in. / 85 mm
4.2 in / 106 mm
9.4 in. / 239 mm
2.8 lb. / 1.3 kg
Rear Fan Tray
3.3 in. / 85 mm
6.3 in / 159 mm
5.1 in. / 129 mm
1.3 lb. / 0.6 kg
Power Specifications
nGenius 4204 PFS Components
Specifications
Base chassis
100 to 240 V AC, 130 W. Fully loaded: 720 W, 8.0 A
-48 V DC, 125 W. Fully loaded: 600 W, 15.0 A
1G/10G standard chassis module
39 W AC, 36 W DC
40G standard chassis module
33 W AC, 31 W DC
1G/10G Advanced chassis module
90 W AC, 85 W DC
40G Advanced chassis module
85 W AC, 80 W DC
1G/10G PowerSafe chassis modules
40 W AC, 38 W DC
40G PowerSafe chassis modules
34 W AC, 31 W DC
AC Power Supply Unit
720 W, 8.0 A
DC Power Supply Unit
600 W, 15.0 A
Rear Fan Tray
Environmental Specifications
Temperature
Operating: 32 to 122 °F / 0 to +45 °C
Storage: -4 to 212 °F / -20 to +100 degrees °C
Humidity
Operating: 20% - 80%, non-condensing
Storage: 5% – 95%, non-condensing
Electrical and Optical Characteristics
Aspect
Data rates
1Gbps, 10Gbps, 40Gbps
Interface types
Ethernet: 1000 Base-T, 1000 Base-SX, 1000 Base-LX, 1000 Base-ZX,
10G Base-LR, 10G Base-ER, 10G Base-ZR, 10G Base-SR, 10G SFPwire,
40G Base-SR4, 40G Base-LR4, 40G Base-ER4, 40G Quadwire FDR
Propagation delay
< 3.2μs for 10G and 40G, <13.2μs for 1G
PACKET FLOW SWIT C H
6
l DATA SHEET l nGenius 4200 Series Packet Flow Switch
Standards and Compliance
Standard
Specification(s)
Ethernet
IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3ae, IEEE 802.3z
VLAN
IEEE 802.1Q, IEEE 802.1ad
PTP
IEEE 1588-2008
NTP
IETF RFC 5905
ARP
IETF RFC 826
IP
IETF RFC 791, 2460
UDP
IETF RFC 768
TCP
IETF RFC 793
FTP
IETF RFC 959, 2228
Telnet
IETF RFC 854
SSH
IETF RFC 4251, 4252, 4253
HTTP
IETF RFC 2616, 2817
TLS (SSL)
IETF RFC 4492, 5246
SNMP
IETF RFC 1157, 3411-3418
Syslog
IETF RFC 5424
RADIUS
IETF RFC 2865, 2866
TACACS+
IETF RFC 1492
EMC
FCC Part 15 Class A, VCCI Class A, EN55022/CISPR-22 Class A, Australia/New Zealand AS/NZS
CISPR-22 Class A, CE Mark EN 55022 Class A, ETSI EN300 386 V1.3.2, EN61000-4-2, EN 61000-4-3,
61000-4-4, EN 61000-4-5, EN 61000-4-6, EN 61000-3-2
Safety
UL 60950-1, CSA C22.2 EN 60950-1, IEC-60950-1
NEBS Level 3
GR-63, GR-1089
RoHS
RoHS 6, EU directive 2002/95/EC
PACKET FLOW SWIT C H
7
l DATA SHEET l nGenius 4200 Series Packet Flow Switch
Ordering Information
Part Numbers
Description
4204NA000000
nGenius 4200 series packet flow switch – 4204 chassis (4-slot), AC power
4204ND000000
nGenius 4200 series packet flow switch – 4204 chassis (4-slot), DC power
4200NMGA2000
4200 Series – 1/10G chassis module with 16 x 1Gb/10Gb SFP+ Ports
4200NMHM4000
4200 Series – 40G chassis module with 4 x 40Gb QSFP+ ports
4200NMGA2J0A
4200 Series – 1/10G Advanced chassis module with 16 x 1Gb/10Gb SFP+ & FPGA ports
4200NMHM4H0A
4200 Series – 40G Advanced chassis module with 4 x 40Gb QSFP+ & FPGA ports
4200NMGA2JDC
4200 Series – 1/10G PowerSafe chassis module with 12x 1/10G LC MM 50micron SX/SR & 4x
1/10G LC SM LX/LR ports and 8 x Bypass pairs
4200NMGA2JBC
4200 Series – 1/10G PowerSafe chassis module with 16 x 1Gb/10Gb LC SX/SR MM 50micron ports
and 8 x Bypass pairs
4200NMHM4GEC
4200 Series – 40G PowerSafe chassis module with 4 x 40Gb MPO SR4 MM 50micron ports and
1 x Bypass pair
4200NMHM4HGC
4200 Series – 40G PowerSafe chassis module with 4 x 40Gb LC SR2 BiDi MM 50micron ports and
2 x Bypass pairs
4200NMGA2JAC
4200 Series – 1/10G PowerSafe chassis module with 16 x 1Gb/10Gb LC SX/SR MM 62.5micron
ports and 8 x Bypass pairs
4200NMGA2JCC
4200 Series – 1/10G PowerSafe chassis module with 16 x 1Gb/10Gb LC LX/LR SM ports and 8 x
Bypass pairs
4200NMHM4HFC
4200 Series – 40G PowerSafe chassis module with 4 x 40Gb LC LR4 SM ports and 2 x
Bypass pairs
For transceivers, please refer to list of SFP, SFP+, and QSFP+ transceivers offered by NETSCOUT®.
Corporate Headquarters
NETSCOUT Systems, Inc.
Westford, MA 01886-4105
Phone: +1 978-614-4000
www.netscout.com
Sales Information
Toll Free US: 800-309-4804
(International numbers below)
Product Support
Toll Free US: 888-357-7667
(International numbers below)
NETSCOUT offers sales, support, and services in over 32 countries. Global addresses, and international numbers are
listed on the NETSCOUT website at: www.netscout.com/company/contact-us
© 2017 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, and the NETSCOUT logo are registered trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or
other countries. All other brands and product names and registered and unregistered trademarks are the sole property of their respective owners.
PFSPDS_002-1702 12/2017
Download PDF
Similar pages