Network Packet Broker(NPB) ML-NPB-5060 2D

Mylinking™ Network Packet Broker(NPB) ML-NPB-5060

4810GE SFP+ plus 240GE QSFP, Max 560Gbps

Short Description:

Supports 2*40G + 48*10GE SFP+ ports and authorization of basic software functions with throughput 560Gbps; Supports basic replication, aggregation, and distribution, multi-group filtering, packet header and packet content filtering, and customized filtering based on the offset of the specified position.

Advanced 40G packet forwarding processor; Data Packet Deduplication on demand (based on physical ports and multiple groups combination rules). Precise Packet Timestamping marking; Deep Packet Identification of application layer protocol and background traffic offloading functions; MPLS/VXLAN/GRE/GTP tunnel encapsulation and tunnel header stripping; Supports basic traffic monitoring. Supports real-time monitoring of policy traffic and interface traffic. Query historical traffic curves of policies and interfaces. Supports dynamic data packet capture and analysis of multi-point traffic. 16G DDR3 industrial-grade memory, 16GSLC industrial-grade storage, 1U chassis, 250W dual power supply

Send email to us

Product Detail

Product Tags

1- Overviews

A full visual control of Data Acquisition/Capture device(2* 40G QSFP slots plus 48 * 10GE SFP+ slots)
A full pre-processing and re-distribution device(bidrectional bandwidth 560Gbps)
Supported collection & reception of link data from different network element locations
Supported collection & reception of link data from different exchange routing nodes
Supported raw packet collected, identified, analyzed, statistically summarized and marked
Supported raw packet output for monitoring equipment of BigData Anlysis, Protocol Analysis, Signaling Analysis, Security Analysis, Risk Management and other required traffic.
Supported real-time packet capture analysis, data source identification, and real-time/historical network traffic search

2- Intelligent Traffic Processing Abilities

ASIC Chip Plus TCAM CPU
560Gbps intelligent traffic processing capabilities

10GE/40GE Acquisition Data Capture
2 splots 40GE QSFP plus 48 slots 10GE up to 560Gbps Traffic Data Transceiver at same time, for network Data Capture, simple Pre-processing

10G/40G Traffic Replication
The original input traffic and pre-processed traffic can be copied from 1 to N or aggregated from N to M at 10GE link speed, which perfectly solves the requirement that two or more multi-port out-of-band monitoring devices can be deployed on the network at the same time.

Network Traffic Aggregation
The original input traffic and pre-processed traffic can be copied from 1 to N or aggregated from N to M at 10GE link speed, which perfectly solves the requirement that two or more multi-port out-of-band monitoring devices can be deployed on the network at the same time.

Data Distribution/Forwarding
Classified the incoming metdata accurately and discarded or forwarded different data services to multiple interface outputs according to user’s predefined whitelist or blacklist rules.

Data Filtering
Supported flexible combination of metdata elements based on Ethernet Type, VLAN Tag, TTL, IP seven-tuple, IP Fragmentation, TCP Flag, and other Packet Features fornetwork security devices, protocol analysis, signaling analysis, and traffic

Load Balance
Supported load balance Hash algorithm and session-based weight sharing algorithm according to L2-L7 layer characteristics to ensure that the port output traffic dynamic of load balancing

UDF Match
Supported the matching of any key field in the first 128 bytes of a packet. Customized the Offset Value and Key Field Length and Content, and determining the traffic output policy according to the user configuration

VLAN Tagged

VLAN Untagged

VLAN Replaced

Supported the matching of any key field in the first 128 bytes of a packet. The user can customize the offset value and key field length and content, and determine the traffic output policy according to the user configuration.

MAC Address Replacing
Supported the replacement of the destination MAC address in the original data packet, which can be implemented according to the user's configuration

3G/4G Mobile Protocol Identification and Classification
Supported to identify mobile network elements such as (Gb, Gn, IuPS, S1-MME, S1-U, X2-U, S3, S4, S5, S6a, S11, etc. interface). You can implement traffic output policies based on features such as GTPV1-C, GTPV1-U, GTPV2-C, SCTP, and S1-AP based on user configurations.

IP Datagram Reassembly
Supported IP fragmentation identification and supports reassembly of IP fragmentation so as to implement L4 feature filtering on all IP fragmentation packets. Implement traffic output policy.

Ports Healthy Detection
Supported real-time detection of the service process health of the back-end monitoring and analysis equipment connected to different output ports. When the service process fails, the faulty device is automatically removed. After the faulty device is recovered, the system automatically returns to the load balancing group to ensure the reliability of multi-port load balancing.

Mirror Port Protection
Supported the Mirror Port Protection function of each interface. This function can block the TX capability of mirror acquisition port, and effectively avoid the problem of network forming loop caused by device configuration error.

Redundant Output Ports
Supported active/standby redundancy of traffic output ports. When the status of the active output port is abnormal (disabled or link Down), the output traffic can be switched to the standby port, ensuring high reliability of traffic output.

Tunnel Packet Termination
Supported the tunnel packet termination function, which can configure IP addresses, masks, ARP responses, and ICMP responses for traffic input ports. Traffic to be collected on the user network is directly sent to the device through tunnel encapsulation methods such as GRE, GTP, and VXLAN

Port Breakout
Supported 40G port breakout function and can be split into four 10GE ports to meet specific access requirements

Time Stamping
Supported to synchronize the NTP server to correct the time and write the message into the packet in the form of a relative time tag with a timestamp mark at the end of the frame, with the accuracy of nanoseconds

VxLAN, VLAN, GRE, MPLS Header Stripping
Supported the VxLAN, VLAN, GRE, MPLS header stripped in the original data packet and forwarded output.

Data/Packet De-duplication
Supported port-based or policy-level statistical granularity to compare multiple collection source data and repeats of same data packet at a specified time. Users can choose different packet identifiers (dst.ip, src.port, dst.port, tcp.seq, tcp.ack)

Data/Packet Slicing
Supported policy-based slicing (64-1518 bytes optional) of the raw data, and the traffic output policy can be implemented based on user configuration

Classified Sensitive Data Masking
Supported policy-based granularity to replace any key field in the raw data in order to achieve the purpose of shielding sensitive information. According to user configuration, the traffic output policy can be implemented. Please visit "What’s the Data Masking Technology and Solution in Network Packet Broker?" for more details.

Tunneling Packet Termination
Supported the tunnel packet termination function, which can configure IP addresses, masks, ARP responses, and ICMP responses for traffic input ports. Traffic to be captured on the user network and directly sent to the back monitoring device through tunnel encapsulation methods such as GRE, GTP, and VXLAN

Packet Encapsulation output
Supported to encapsulate any specified packets in the captured traffic to the RSPAN or ERSPAN header and output the packets to the back-end monitoring system or network switch

Tunneling Protocol Identification
Supported automatically identify various tunneling protocols such as GTP / GRE / PPTP / L2TP / PPPOE. According to the user configuration, the traffic output strategy can be implemented according to the inner or outer layer of the tunnel

APP Layer Protocol Identify
Supported commonly used application layer protocol identification, such as FTP, HTTP, POP, SMTP, DNS, NTP, BitTorrent, Syslog, MySQL, MsSQL and so on

Video Traffic Filtering
Supported to filter and mitigate the video stream data matching such as domain name address resolution, video transmission protocol, URL and video format, to offer useful data to analyzers and monitors for security.

SSL Decryption
Supported loading the corresponding SSL certificate decryption. After the decryption of HTTPS encrypted data for the specified traffic, it will be forwarded to the back-end monitoring and analysis systems as required.

User-defined Decapsulation
Supported the user-defined packet decapsulation function, which can strip any encapsulated fields and contents in the first 128 bytes of a packet and output them

Packet Capturing
Supported port-level, policy-level packet capture from source physical ports within filter of Five-Tuple field in real time

Traffic Monitoring and Detection
Traffic monitoring provides real-time traffic situation monitoring capability. Traffic detection enables in-depth analysis of traffic data at different network locations, providing original data sources for real-time fault location

Real-time Traffic Trend Monitoring
Supported real-time monitoring and statistics on port-level and policy-level data traffic, to show the RX / TX rate, receive / send bytes, No., RX / TX the number of errors, the maximum income / hair rate and other key indicators.

Traffic Trend Alarming
Supported port-level, policy-level data traffic monitoring alarms by setting the alarm thresholds for each port and each policy flow overflow.

Real-time Traffic Detection
Supported the sources of "Capture Physical Port (Data Acquisition)", "Message Feature Description Field (L2 – L7)", and other information to define flexible traffic filter, for real-time capture network data traffic of different position detection, and will it will be storaged the real-time data after captured and detected in the device for downloading of further execution expert analysis or uses its diagnosis features of this equipment for deep visualization analysis.

Historical Traffic Trend Review
Supported port-level, policy-level nearly 2 months of historical traffic statistics query. According to the days, hours, minutes and other granularity on the TX/RX rate, TX/RX bytes, TX/RX messages, TX/RX error number or other information to query select.

DPI Packet Analysis
DPI in-depth analysis module of the traffic visualization detection function can conduct in-depth analysis of the captured target traffic data from multiple dimensions, and perform detailed statistical display in the form of graphs and tables Supported the captured datagram analysis, including abnormal datagram analysis, stream recombination, transmission path analysis, and abnormal stream analysis

Mylinking™ Network Visibility Platform
Supported Mylinking™ Visibility Control Platform Access

1+1 Redundant Power System(RPS)
Supported 1+1 Dual Redundant Power System

3- Typical Application Structures

3.1 Centralized Collection Application(as following)

3.2 Unified Schedule Application(as following)

3.3 Data VLAN Tagged Application(as following)

3.4 Data/Packet De-duplication Application(as following)

3.5 Mylinking™ Network Packet Broker Data/Packet Slicing Application(as following)

3.6 Mylinking™ Network Packet Broker Data/Packet Masking Application(as following)

3.7 Traffic Capture/Data Detection Visibility Control Platform Tools(as following)

3.8 Network Traffic Data Visibility Analysis Application(as following)

4- Specifications

NL-NPB-5060 Mylinking™ Network Packet Broker Functional Parameters
Network Interface		10GE	48*SFP+ slots; Supports single and multi-mode optical fibers
		40GE	2QSFP slots; Support 40GE, breakout to be 410G; Supports single and multi-mode optical fibers
		Out-of-BandMGT Interface	1*10/100/1000M electrical port
Deployment Mode		Optical Mode	Supported
Deployment Mode		Mirror Span Mode	Supported
System Function	Basic Traffic Processing	Traffic Replication/aggregation/distribution	Supported
		Based on IP / protocol / port seven-tuple traffic identification filtering	Supported
		UDF match	Supported
		VLAN mark/replace/delete	Supported
		3G/4G Protocol identification	Supported
		Interface health inspection	Supported
		Mirror Port Protection	Supported
		Redundant output ports	Supported
		Tunnel packet termination	Supported
		Packet encapsulation	Supported
		Port breakout	Supported
		Ethernet package independence	Supported
		Processing ability	560Gbps
	Intelligent Traffic Processing	Time-stamping	Supported
		Tag remove	Supported VxLAN、VLAN、GRE、MPLS header stripping
		Data de-duplication	Supported interface/policy level
		Packet slicing	Supported policy level
		Data desensitization(Data Masking)	Supported policy level
		Tunneling protocol identification	Supported
		Application layer protocol identification	Supported FTP/HTTP/POP/SMTP/DNS/NTP/ BitTorrent/SYSLOG/MYSQL/MSSQL, etc.
		Video traffic identification	Supported
		SSL decryption	Supported
		Custom decapsulation	Supported
		Processing ability	40Gbps
	Diagnosis and Monitoring	Real-time monitor	Supported interface/policy level
		Traffic alarm	Supported interface/policy level
		Historical traffic review	Supported interface/policy level
		Traffic capture	Supported interface/policy level
	Traffic Visibility Detection	Basic Analysis	Summary statistics are displayed based on basic information such as packet count, packet category distribution, number of session connections, and packet protocol distribution
		DPI Analysis	Supports transport layer protocol ratio analysis; unicast broadcast multicast ratio analysis, IP traffic ratio analysis, DPI application ratio analysis. Support data content based on sampling time analysis of traffic size presentation. Supports data analysis and statistics based on session flow.
		Accurate Fault Analysis	Supported fault analysis and location based on traffic data, including packet transmission behavior analysis, data flow level fault analysis, packet level fault analysis, security fault analysis, and network fault analysis.
	Management	CONSOLE MGT	Supported
		IP/WEB MGT	Supported
		SNMP MGT	Supported
		TELNET/SSH MGT	Supported
		RADIUS or TACACS + Centralized authorization authentication	Supported
		SYSLOG protocol	Supported
		User authentication	Based on user’s password authentication
Electric(1+1 Redundant Power System-RPS)		Rate power supply voltage	AC110~240V/DC-48V(optional)
		Rate power supply frequency	AC-50HZ
		Rate input current	AC-3A / DC-10A
		Rate power	Max 260W
Environment		Working temperature	0－50℃
		Storage temperature	-20-70℃
		Working humidity	10％-95％no condensation
User Configuration		Console configuration	RS232 interface, 115200,8,N,1
User Configuration		Password authentication	Supported
Height of Chassis		Rack space (U)	1U 445mm44mm402mm