Managing a network without having the necessary tools for visibility and control is similar to playing Russian roulette. You know a problem is going to occur, you’re just not sure when or how to find it. With the volume of mobile, cloud, and Internet of Things traffic increasing on a daily basis, visibility into network usage, user behavior, and application performance becomes critical for providers to monitor and optimize. Packets and ports are no longer the metrics by which the network is judged—the future is about flows. No wonder more and more vendors are asking the question, “What is IPFIX?”and then choosing to export it. Saisei Networks (pronounced Sī•sā:, Japanese for “Rebirth”) is one of them.
Saisei Value Proposition
Headquartered in Sunnyvale, CA, with offices in Asia-Pacific, Saisei claims to change the way IP networks pass traffic and eliminate data queuing, which is a killer for real-time traffic. As a result, a network can now run at more than 95% capacity. Saisei’s real-time flow-policy control, analytics, and security solution, called FlowCommand, then analyzes each and every flow and can continually apply security and network policies to it. The Saisei value proposition also applies to MPLS networks (IPv6 is fully supported as well).
Saisei considers FlowCommand a perfect fit for large enterprises and service providers worldwide, as it guarantees no link or user session will ever crash again, doubles the usable bandwidth in deployed networks, and provides sub-second analytics, policy enforcement, and security across 40 metrics.
Features to Consider
According to Saisei, FlowCommand is commonly implemented on virtual, legacy, SDN, or NFV networks. It is commonly placed as an edge appliance running on commodity hardware on the LAN/data center side of an edge router. Alternatively, it can configured as a virtual machine with two network interfaces that is monitoring and controlling flows coming in and out of a vSwitch.
The Saisei solution associates a single flow in real-time with:
- Internal and external hosts,
- Users (via Microsoft Active Directory or OpenLDAP)
- Geographic location
- Custom groups
Net Neutrality is a service provider feature unique to FlowCommand that instantly resolves the problem of a small group of users trying to consume a disproportionate amount of available bandwidth. When dealing with rogue users or peer-to-peer applications such as BitTorrent, the solution can classify all host flows as a single flow and give it exactly the same percentage of available bandwidth that every other flow in the network gets. Alternatively, FlowCommand can completely block specific traffic. Its flow-based security capabilities also include comprehensive data exfiltration controls and real-time DDoS controls, as well as spotting and throttling Botnet activity.
Details in their IPFIX export include dropped packets, re-transmitted packets, round trip time, Distress, Egress Class and much more:
According to Saisei, their enterprise customers gain granular control and visibility of the traffic over leased lines by deploying FlowCommand at the enterprise edge. Since it maintains a comprehensive visual history of flow behavior over these links, they get detailed records of SLA compliance or non-compliance in some cases.
Did you know that Saisei solutions come with a RESTful API and an open IPFIX interface for easy integration with third-party vendors, such as Plixer? If you are looking to get more out of flow data coming from your Saisei deployment, please feel free to reach out to our technical support and we’ll be happy to help.