Net Optics Phantom™ Virtual Tap is a network traffic monitoring and access device
for virtualized computing environments including
converged data centers. It captures data passing between virtual machines (VMs) and
sends traffic of interest to virtual and physical
monitoring tools of choice.
With Phantom Virtual Taps, you can manage your virtual
network’s security, compliance, and performance
with the latest virtual monitoring tools. Or, you can continue monitoring and smart
access using the same policies and physical
monitoring tools that you use today because Phantom Virtual Tap bridges virtual to
physical in converged environments.
At a Glance
- 100 percent visibility of TCP/IP traffic between Virtual Machines (VMs)
- Follows VMs as they move (vMotion) between physical servers
- Installs in hypervisor kernel for full TCP/IP traffic visibility
- Generates RMON statistics (packet count, utilization, etc.)
- TapFlow™ multi-layer L2-4 filtering engine
- Replicates Inter-VM traffic to virtual and physical monitoring tools of choice
- Sends mirrored traffic out physical NICs in encapsulated tunnels
- Integrated with Net Optics Indigo Pro™ management platform
- Enables visibility and control of network traffic in VMware ESX/ESXi virtual server environments
- Extends monitoring access into the Inter-VM networking layer
- Applies existing physical monitoring tools, processes, and procedures to the virtual network
- Enables monitoring for security and compliance in virtualized environments
- No interference with the data stream or VMs
- No modifications needed in VMs
- Director CPU Module (DCM) for Net Optics Director Data Monitoring Switch terminates encapsulated tunnels (DCM sold separately Available Q2 2011)
- One Phantom Virtual Tap monitors traffic between VMs (one Phantom Virtual Tap is installed on each hypervisor, that is, in each physical server)
- Scalable to support and administer highdensity environments
- Phantom Manager console (included software component) manages multiple Phantom Virtual Taps and network traffic
The Virtual Monitoring Challenge
Large networks have been utilizing Tap solutions for network traffic access
for many years. Traffic capture, analysis, replay, and logging are now part
of every well-managed network environment.
In recent years, a significant
shift to virtualized environments is yielding great benefits in efficiency,
cost effectiveness, and flexibility. However, today’s virtualized computing
architectures create challenges for network security, compliance, and
performance monitoring because the current physical monitoring tools
do not extend easily into the new environments. Investing in costly new
virtual-specific tools—and in the related processes and training they
require—can forfeit some of the economic benefits and cost-savings a
company gains by virtualizing as well.
Virtual infrastructures use
hypervisor technology to deploy multiple
computing environments on a single physical (hardware) server, or across
a group of physical servers.
Traditional Taps cannot see the traffic between
the VMs that reside on the same
hypervisor, nor can they “follow” specific
VMs as automation moves them from one
The Phantom Virtual Tap Solution
To augment overall network traffic visibility by extending that visibility to
the world of virtual computing, Net Optics offers a new, virtual approach
for traffic access: the Phantom Virtual Tap.
The Phantom suite of software
products provides 100 percent visibility of traffic passing between VMs
on
hypervisor stacks.
The Phantom Monitor installs in the
hypervisor kernel below the virtual
switch, the software component that manages communication between
the virtual network interface controllers (
NICs) of the VMs. Phantom Monitor
can replicate all traffic within the virtual switch, apply smart
TapFlow™
filtering, and send traffic of interest to any monitoring tools of choice.
It
can even pass the replicated traffic to a physical port so physical tools
can monitor the data. Virtual traffic is bridged to the physical world in an
encapsulated tunnel that can be terminated by a Net Optics Director™
Data Monitoring Switch equipped with a Director CPU Module (DCM),
or at any capable termination point of your choosing.
Flexible Installation Options
The Phantom Virtual Tap is engineered to integrate seamlessly with, and forward traffic to
Net Optics family of Director switches.
To offer optimal flexibility and further extend your
installation options, the Phantom Virtual Tap is available in various bundles of Net Optics
software and Director-series hardware, as an add-on to existing Net Optics monitoring
infrastructure, and as a software-only standalone solution.
Unique Capabilities
The Phantom Virtual Tap provides these unique capabilities to the virtual computing environment:
Phantom Manager Web Console
- Network monitoring at the hypervisor kernel level providing full view of the traffic flowing between VMs, regardless of their current physical locations
- Ability to differentiate between specific VM instances in replicated environments, and keep monitoring and logging the VMs even as they are moved between hypervisors (different physical servers or locations)
- Integrated physical and virtual network monitoring convergence - Phantom Virtual Tap works seamlessly with Net Optics Director series of data monitoring switches
- Net Optics Indigo Pro™ - a unified network management tool - provides an easy-to-use, Web-based GUI interface
- 100 percent visibility of traffic between Virtual Machines (VMs)
- No interference with the data stream or VMs
- No modifications needed in VMs
- Installs in hypervisor kernel for full traffic access
- Generates Layer 2 and 3 statistics (packet count, utilization, etc.)
- TapFlow™ multi-layer L2-4 filtering engine
- Replicates Inter-VM traffic to virtual and physical monitoring tools of choice
- Sends replicated traffic out physical NICs in encapsulation tunnels
- Director CPU Module (DCM) for Net Optics Director Data Monitoring Switch terminates encapsulation tunnels (DCM sold separately)
- One Phantom Virtual Tap monitors traffic from multiple VMs in a physical server (one Phantom Virtual Tap is installed on each hypervisor, that is, in each physical server)
ESX/ESXi Server v4.0 or 4.1 (vSphere)
Phantom Manager VM: Management and reporting engine that runs in a VM.
Phantom Monitor: A Phantom Monitor is installed in each ESX/ESXi host. The Phantom monitor has two components: a Phantom Monitor Control VM and a
Phantom Monitor Module, which is a hypervisor kernel.
Virtual Center (vCenter) Server 2.5 or later
Access to the VMware Virtual Infrastructure API must be
available to allow auto-discovery of VM resources. This
can be tested by connecting a Web browser to the Virtual
Center Host (https://<Virtual Center IP Address>/).
Network Connectivity
The Phantom Manager VM virtual appliance must be accessible via HTTPS to access the application interface. DNS and NTP services should be available for all components.
TCP 443 and 8443 must be available between the Phantom Manager and Phantom Monitor control VMs.
TCP 902 must be available between Phantom Manager and the ESX/ESXi hosts.
Disk Storage: 10 GB free space (minimum)
Web Browser: Internet Explorer 6, 7, 8, or later - Firefox 2 or later
Virtual Appliance System Requirements:
Compressed size of Virtual Appliances:
Phantom Manager VM: Approximately 250 MB
Phantom Monitor Control VM: Approximately 175 MB
Uncompressed size of system:
Phantom Manager VM: 2 GB
Phantom Monitor Control VM: 900 MB
Size of Virtual Disks:
2 GB operating system
Database administrator configurable (4 to 40 GB)
Memory Size:
Phantom Manager VM: 2 GB (No more than 3GB)
Phantom Monitor Control VM: 385 MB (No more than 385 MB)
Certifications: Certified VMSafe by VMware
PT-DC-25 Phantom DC Starter
Phantom Tap software and license: 2 Manager + 25 Monitors perpetual license
PT-DC-50 Phantom DC Standard
Phantom Tap software and license: 5 Manager + 50 Monitors perpetual license
PT-DC-100 Phantom DC Extreme
Phantom Tap software and license: Unlimited number of Managers + 100 Monitors perpetual license
DCM-100 1GB DCM Director CPU Module
DCM-1000 10GB DCM Director CPU Module
HVKT-P-B-50 Phantom 5400 Bundle
Phantom Tap software and license and hardware kit:
2 Net Optics Director 5400, DCM 1GB add-on, Phantom DC Starter, Indigo Manager Pro 50
Virtual Taps Overview
Page Up
Further Documents
Data Sheet (2MB)
+49 6103 906-722
Send E-Mail
Contact Form
