l DATA SHEET l
nGenius 2200 Series Packet
Flow Switch
Hardware-accelerated Packet Optimization for Performance
Monitoring and Security Systems on 10G Networks
HIGHLIGHTS
• 2 Rackmount Unit (RU) chassis with hotswappable architecture
• 240 Gbps unidirectional (480 Gbps
bidirectional) throughput and nonblocking switching fabric
• Up to 4 swappable chassis modules
• Up to 24 non-blocking ports of 1GE
and/or 10GE per chassis
• Line rate performance on all features,
including rate conversion, aggregation,
replication, filtering, load balancing,
port tagging, time stamping, protocol
stripping, conditional slicing,
encapsulate filtering and balancing,
and tunneling over TCP/IP
• IP Tunnel termination (e.g. ERSPAN,
NVGRE)
• Intelligent fully meshed stacking/
interconnect (vMesh)
• Management via command line, XML
API, and graphical user interfaces for
local and remote access
• NEBS III Compliant
Product Description
The nGenius® 2200 series packet flow switch (PFS) is a NEBS level III compliant, highly scalable
modular system that bridges the gap between 1G and 10G Ethernet networks and tools.
The nGenius 2204 packet flow switch model consists of a 2RU chassis that supports up to four
chassis modules, with each module supporting up to 40 Gbps throughput – for a chassis total
of 240 Gbps of unidirectional (or 480 Gbps of bidirectional) throughput and up to 24 ports. All
ports on each chassis module are enabled by default, with each port configurable as a network
traffic, intermediate (service), or monitoring tool port.
With vMesh, a self-organizing architecture, traffic capture devices can be deployed in a
redundant, low-latency meshed architecture for dynamic and fault-tolerant visibility that can
scale to over 40001 ports across LAN and WAN environments, including tunneling.
Delivery Optimization
Beyond scalable aggregation, replication, and speed conversion, nGenius 2200 series packet
flow switch supports line rate hardware-based packet filtering and session-based load balancing
of packets to tools. User-independent filtering allows traffic to be distinguished according to
source and/or destination MAC address, IP address, SCTP/TCP/UDP port, as well as by specific
protocols, such as HTTP, VoIP (SIP, RTP), and others. A custom filter enables more granularity,
specifically within the payload of a packet. Filters can be ingress, egress, and overlapping.
Session-based, flow-aware load balancing provides user control of traffic distribution to
monitoring tools, increasing output capacity while maintaining session integrity. For example, a
10G network can be captured and automatically balanced across multiple 1G monitoring tool
ports based on user-defined session criteria. The load balancing can operate in tandem with
hardware-based filtering or independently.
Total number of ports in a single vMesh is dependent on quantity and complexity of filtering.
1
nGenius 2204 packet flow switch | Up to 24 Port 1/10 GE
PACKET FLOW SWIT C H
l DATA SHEET l nGenius 2200 Series Packet Flow Switch
Packet Optimization
In addition to delivering the right traffic to the right tools, nGenius 2200 series packet flow
switch optimizes the packets themselves to improve the efficiency and effectiveness of the
monitoring applications.
The nGenius 2200 series packet flow switch advanced hardware-acceleration enables packets to
be optimized at line-rate, with minimal latency and negligible jitter, for a broad range of functions,
which include removal of tunneling or encapsulation protocol headers, removal of undesired (or
authorized) payload, addition of a timestamp, and others.
Active Protection
To take action as offenders and bad actors are detected, the active inline security tools need to see
and handle all the traffic that must be inspected.
nGenius 2200 series packet flow switch with vProtector mode allows aggregation, filtering,
and load-balancing of real-time network traffic toward multiple inline security applications
while maintaining only a single intrusion into each network link. The integration of PowerSafe
chassis modules ensures that the security policies are maintained during power failure, and the
deployment of application-specific health checks (not just heartbeats) in conjunction with policybased triggering facilitates automatic failure scenarios including high availability.
Management
nGenius 2200 series packet flow switch can be locally managed via a serial console and remotely
managed via a Web GUI, CLI, XML API, and the Management Center (vMC™) using HTTP, HTTPS,
SSH, or Telnet. Users can monitor the system via use of Syslog and SNMP.
All PFS devices support field software updates for additional features and performance
enhancements. The vMC supports full management and configuration of nGenius 2200 series
packet flow switch, as well as nGenius 4200 series packet flow switch and nGenius 6000 series
packet flow switch products.
The nGenius packet flow switch series, including nGenius 2204 packet flow switch, provides
automated event-driven monitor output traffic direction and responses (Syslog messages, SNMP
traps, light front LED, deactivate ports) with a variety of user-definable trigger event types.
Power and Compliance
nGenius 2200 series packet flow switch is NEBS III compliant; it is available with hot-swappable
power supplies, fans, air filters, and chassis modules. Redundant power supplies allow seamless
transitions between power systems to ensure uptime.
PACKET FLOW SWIT C H
2
l DATA SHEET l nGenius 2200 Series Packet Flow Switch
Features and Benefits
Features
Benefits
Up to 24 line-rate ports in 2RU
Highly scalable and modular system:
• 24 x 1G/10G
• Advanced ports are either 1G or 10G, depending on image
•
•
•
•
Compatible with SFP, SFP+, QSFP+ MSA compliant transceivers including
direct attach copper and active fiber cables
I/O configurable
• Full flexibility in selecting ports for network access, intermediate
service, interconnect, or monitor output
• IP tunnel (e.g. ERSPAN, GRE, NVGRE/L2GRE) termination
Selective aggregation
• Fully flexible any-to-any port mapping
Hardware-based filtering
•
•
•
•
•
•
User-independent
OSI Layers 2-7
Custom offset
Ingress
Egress
Overlapping
Session-based/flow-aware load balancing
• Distributes traffic load across multiple instances of a tool or tool port
• Maintains session stickiness for full conversations
• Up to 32 ports per group
Monitor traffic port tagging
• Provides identification of traffic based on source network/link using:
–– VLAN tagging, or
–– Port stamping
Microburst mitigation
• High Data Burst Buffering2
Microburst detection
• vCapacity™ measurement
Hardware-based advanced packet optimization2
• Accurate time stamping (from 4.5ns) for latency analysis
• Protocol (Fabric Path, GRE, GTP, MAC-in-MAC, MPLS, NVGRE, TRILL,
VLAN, VN-tag, VXLAN) header removal for broader tool support
• Conditional packet slicing (vSlice™) for selective payload removal
• Adaptive load balancing of GTP, MPLS, and multi-VLAN
encapsulated traffic
• Adaptive filtering of GRE, GTP, MPLS, and multi-VLAN
encapsulated traffic
vStack+
• Enables vMesh architecture for local and remote of up to 256 PFS
devices3 as a single redundant system
• Works over LAN and WAN connections
• Tunneling packets over TCP/IP, optionally
with encryption
2
Reduces per-port cost and increases flexibility
Condenses footprint (rack space)
Reduces power consumption
Simplifies management
• Enables agile response to monitoring infrastructure changes
• Allows virtualized traffic to be forwarded over an IP network to PFS
ingress ports, and then forwarded onto monitoring devices as is, or
de-encapsulated2
• Enables scalable aggregation to maximize agility and tool visibility
• Addresses asymmetrical routing issues
• Forwards only traffic of interest to each tool, which increases tool
efficiency and reduces the number of required tool interfaces
• Prevents oversubscription of monitoring tools and security systems –
eliminating blind spots without sacrificing session integrity
• 10G copied traffic can be easily distributed across multiple lower
speed tool ports, allowing users to preserve existing tool investments
• Users can quickly pinpoint where an issue, such as latency or security
event, is occurring in the network
• Provides options for different tools to access port identification
• Prevents packet loss resulting from aggregation or speed conversion
of bursty traffic (microbursts)
• Provides capacity planning data to analyze traffic profiles
and burstiness
• Provides time-of-capture data, as well as greater granularity in
selecting traffic for tools, enabling tools to perform faster, more
effective analysis
• Minimizes amount of traffic volume to backhaul
• Ensures coherent forwarding of traffic to tools
• Ensures highly available monitoring
• Scales visibility with network infrastructure and new tools
• Ensures delivery of traffic across LAN or WAN to tools
Requires advanced chassis module.
Total number of packet flow switches in a single vMesh is dependent on device sizes, number of ports, and complexity of filtering.
3
PACKET FLOW SWIT C H
3
l DATA SHEET l nGenius 2200 Series Packet Flow Switch
Features
Benefits
Policy-based event triggering and actions
• Policy-based automation reduces management overhead and enables
faster response times to incidents
• Dynamic traffic redirection based on occurrence of events
• Send alerts when specific events occur
Active inline access and forwarding
•
•
•
•
•
Failsafe access using PowerSafe
Aggregation towards any tool, including AIA translation
Filtering and load balancing
Efficient inline tool chaining
Customizable health check packets and triggering
Local and remote management
•
•
•
•
•
•
XML API
CLI (Telnet/SSH)
GUI (HTTP/HTTPS)
vMC (HTTP/HTTPS)
SNMP (v1, v2, v3)
Syslog
Role-based access
•
•
•
•
•
Maintains network uptime
Removes multiple points of failure
Gains visibility for a single inline security tool, e.g. security proxy, IPS
Easy deployment of layered security
Removes multiple points of failure including “positive” and
“negative” checks
• Easy to use via graphical interfaces or via CLI for users already familiar
with using CLIs
• Easy integration with applications using CLI or XML API
• Sends alerts to any Syslog server or SNMP manager
• Conforms to security policy needs of IT organizations
• Multiple user support
• Flexible per-user privileges and access control
AAA security (RADIUS and/or TACACS+) and Local authentication
• Meets authentication policy needs of IT organizations
Network activity
• Packet statistics provided per port, for both Rx and Tx Packet
counts, throughput (bps), utilization (%), bad/errored packets, and
packet drops
Warm swappable chassis modules
• Maintains high availability for 99.999% uptime (five-9s) or better
• Scales to meet changing needs
Redundant, universal power supply units
• Maintains high availability for 99.999% uptime (five-9s) or better
• AC and DC hot-swappable options
PACKET FLOW SWIT C H
4
l DATA SHEET l nGenius 2200 Series Packet Flow Switch
Chassis and Modules
nGenius 2200 Series PFS Components
Description
Base Chassis
Base 4-slot nGenius 2204 packet flow switch chassis, including:
•
•
•
•
•
•
•
•
1G/10G standard chassis module
8 x 10G/1G SFP+ standard ports
2 x Management port
1 x Serial console port
1 x GPS port
1 x PTP port
1 x 1PPS port
2 x Power supply units (redundant)
1 x Fan tray
4 x 10G/1G SFP+ standard edition chassis module for nGenius 2204 packet flow switch:
• Allows up to 24 x 10G/1G ports with base feature set
1G/10G Advanced chassis module
4 x 10G/1G SFP+ Advanced edition chassis module for nGenius 2204 packet flow switch:
• Allows up to 16 x 10G/1G ports with advanced feature set, and
• 8 x 10G/1G ports with base feature set
1G/10G PowerSafe chassis modules
4 x LC Standard edition PowerSafe chassis modules for nGenius 2204 packet flow switch:
• Allows up to 16 x 10G/1G ports with active Bypass or active TAP and base feature set, and
• 8 x 10G/1G ports with base feature set
• Multimode OM1 & OM4 and Singlemode OS2 variants
1G/10G Advanced PowerSafe chassis modules
4 x LC standard edition PowerSafe chassis modules for nGenius 2204 packet flow switch:
• Allows up to 16 x 10G/1G ports with active Bypass or active TAP and advanced feature set,
and
• 8 x 10G/1G ports with base feature set
• Multimode OM1 & OM4 and Singlemode OS2 variants
AC Power Supply Unit
100 to 240V, 50/60 Hz AC Power Supply Unit (included in base chassis)
DC Power Supply Unit
-48V DC Power Supply Unit (included in base chassis)
Rear Fan Tray
Hot-swappable Rear Fan Tray
PACKET FLOW SWIT C H
5
l DATA SHEET l nGenius 2200 Series Packet Flow Switch
Product Specifications
Physical Characteristics
nGenius 2200 Series PFS Components
Height
Width
Depth
Weight
Base Chassis (w/o PSU)
2RU (3.5 in. / 89 mm)
17.35 in. / 441 mm
27.5 in. / 699 mm
20.7 lb. / 9.4 kg
1G/10G standard chassis module
3.1 in. / 78 mm
3.4 in. / 86 mm
16.2 in. / 411 m
2.6 lb. / 1.2 kg
1G/10G Advanced chassis module
3.1 in. / 78 mm
3.4 in. / 86 mm
16.2 in. / 411 m
3.5 lb. / 1.6 kg
1G/10G PowerSafe chassis modules
3.1 in. / 78 mm
3.4 in. / 86 mm
16.2 in. / 411 m
3.1 lb. / 1.4 kg
1G/10G Advanced PowerSafe chassis
modules
3.1 in. / 78 mm
3.4 in. / 86 mm
16.2 in. / 411 m
4.0 lb. / 1.8 kg
AC Power Supply Unit
3.3 in. / 85 mm
4.2 in / 106 mm
9.2 in. / 234 mm
3.3 lb. / 1.5 kg
DC Power Supply Unit
3.3 in. / 85 mm
4.2 in / 106 mm
9.4 in. / 239 mm
2.9 lb. / 1.3 kg
Rear Fan Tray
3.3 in. / 85 mm
6.3 in / 159 mm
5.1 in. / 129 mm
1.3 lb. / 0.6 kg
Power Specifications
nGenius 2200 Series PFS Components
Specifications
Base chassis
100 to 240 V AC, 140 W. Fully loaded: 450 W, 5.0 A
-48 V DC, 140 W. Fully loaded: 450 W, 11.3 A
1G/10G standard chassis module4
15 W
1G/10G Advanced chassis module
72 W
1G/10G PowerSafe chassis modules4
18 W
1G/10G Advanced PowerSafe chassis
modules4
75 W
AC Power Supply Unit
720 W, 8.0 A
DC Power Supply Unit
600 W, 15.0 A
Rear Fan Tray
(included as part of the base chassis)
4
Chassis modules running at full line rate, loaded with the described transceivers if applicable.
4
Environmental Specifications
Temperature
Operating: 32 to +113 ºF / 0 to +45 ºC, Storage: -4 to +212 ºF / -20 to +100 ºC
Humidity
Operating: 20% - 80%, non-condensing, Storage: 5% – 95%, non-condensing
Electrical and Optical Characteristics
Aspect
Data rates:
1Gbps, 10Gbps
Interface types:
Ethernet: 1000 Base-T, 1000 Base-SX, 1000 Base-LX, 1000 Base-ZX, 10G Base-LR, 10G Base-ER,
10G Base-ZR, 10G Base-SR, 10G SFPwire
Propagation delay:
< 3.2μs for 10G, <13.2μs for 1G
PACKET FLOW SWIT C H
6
l DATA SHEET l nGenius 2200 Series Packet Flow Switch
Standards and Compliance
Standard
Specification(s)
Ethernet
IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3ae, IEEE 802.3z
VLAN
IEEE 802.1Q, IEEE 802.1ad
PTP
IEEE 1588-2008
NTP
IETF RFC 5905
ARP
IETF RFC 826
IP
IETF RFC 791, 2460
UDP
IETF RFC 768
TCP
IETF RFC 793
FTP
IETF RFC 959, 2228
Telnet
IETF RFC 854
SSH
IETF RFC 4251, 4252, 4253
HTTP
IETF RFC 2616, 2817
TLS (SSL)
IETF RFC 4492, 5246
SNMP
IETF RFC 1157, 3411-3418
Syslog
IETF RFC 5424
RADIUS
IETF RFC 2865, 2866
TACACS+
IETF RFC 1492
EMC
FCC Part 15 Class A, VCCI Class A, EN55022/CISPR-22 Class A, Australia/New Zealand AS/ NZS
CISPR-22 Class A, CE Mark EN 55022 Class A, ETSI EN300 386 V1.3.2, EN61000-4-2, EN 61000-4-3,
61000-4-4, EN 61000-4-5, EN 61000-4-6, EN 61000-3-2
Safety
UL 60950-1, CSA C22.2 EN 60950-1, IEC-60950-1
NEBS Level 3
GR-63, GR-1089
RoHS
RoHS 6, EU directive 2002/95/EC
PACKET FLOW SWIT C H
7
l DATA SHEET l nGenius 2200 Series Packet Flow Switch
Ordering Information
Part Numbers
Description
2204NA0L0000
nGenius 2200 series packet flow switch – 2204 chassis (4-slot), AC power
2204ND0L0000
nGenius 2200 series packet flow switch – 2204 chassis (4-slot), DC power
2200NMGM2000
2200 Series – 1/10G chassis module with 4 x 1Gb/10Gb SFP+ Ports
2200NMGM2H0A
2200 Series – 1/10G Advanced chassis module with 4 x 1Gb/10Gb SFP+ ports and 4 x FPGA ports
2200NMGM2JBC
2200 Series – 1/10G PowerSafe chassis module with 4 x 1Gb/10Gb LC SX/SR MM 50micron ports
and 2 x Bypass pairs
2200NMGM2G0A
2200 Series – 1/10G Advanced chassis module with 4 x 1Gb/10Gb SFP+ ports and 2 x FPGA ports
2200NMGM2JAC
2200 Series – 1/10G PowerSafe chassis module with 4 x 1Gb/10Gb LC SX/SR MM 62.5micron
ports and 2 x Bypass pairs
5
2200 Series – 1/10G PowerSafe chassis module with 4 x 1Gb/10Gb LC SX/SR MM 62.5micron
ports and 2 x Bypass & FPGA pairs
5
2200 Series – 1/10G PowerSafe chassis module with 4 x 1Gb/10Gb LC SX/SR MM 50micron ports
and 2 x Bypass & FPGA pairs
2200NMGM2JCC
2200 Series – 1/10G PowerSafe chassis module with 4 x 1Gb/10Gb LC LX/LR SM ports and 2 x
Bypass pairs
5
2200 Series – 1/10G PowerSafe chassis module with 4 x 1Gb/10Gb LC LX/LR SM ports and 2 x
Bypass & FPGA pairs
For transceivers, please refer to list of SFP, SFP+, and QSFP+ transceivers offered by NETSCOUT®.
5
These parts are not main price list items. Please contact a NETSCOUT representative for correct part numbers.
Corporate Headquarters
NETSCOUT Systems, Inc.
Westford, MA 01886-4105
Phone: +1 978-614-4000
www.netscout.com
Sales Information
Toll Free US: 800-309-4804
(International numbers below)
Product Support
Toll Free US: 888-357-7667
(International numbers below)
NETSCOUT offers sales, support, and services in over 32 countries. Global addresses, and international numbers are
listed on the NETSCOUT website at: www.netscout.com/company/contact-us
© 2017 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, and the NETSCOUT logo are registered trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or
other countries. All other brands and product names and registered and unregistered trademarks are the sole property of their respective owners.
PFSPDS_001-1702 12/2017
Download PDF
Similar pages