SlideShare a Scribd company logo

NUVX Technologies general solutions

Download as PPTX, PDF
N
NUVX

The document outlines the capabilities of the Nuvx universal platform and its products, which provide high-performance network traffic processing solutions across various sectors such as telecom, finance, and software engineering. It details several product offerings, including CG-NAT, URL filtering, and deep packet inspection (DPI), emphasizing scalability, security, and enhanced user experience monitoring. Additionally, comparisons with competitors and features focused on traffic management, analytics, and quality of service are discussed.

Technology
1 of 23
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Solutions for High-Performance Processing of Network Traffic Techno Hub B3, Office G-022, Dubai Silicon Oasis, Dubai, UAE www.nuvx.com / sales@nuvx.com / 00971 125 1262
Product Application Areas2 Performance Security Telco State Power MetallurgyOil & Gas Mechanical engineering Transport Uniformed services & Army Banks Insurance Social insurance fund Cloud solutions IoT Smart city 2
Products / Customers / Competitors Product Name NUVX.NAT NUVX.FILTER NUVX.BRAS NUVX.DPI NUVX.QoE NUVX.Router NUVX.Balancer NUVX.SDNSW Platform x86 x86 x86 ASIC+x86 ASIC+x86 x86 ASIC ASIC Product Type CG-NAT URL-filtering Service gateway DPI Quality of experience IP/MPLS router L3/L4 load balancer/active TAP SDN switch Customers Fixed and mobile ISP Fixed and mobile ISP, Corporate Fixed ISP ISP, Corporate ISP, Corporate Fixed and mobile ISP, Corporate Fixed and mobile ISP, CDN Fixed and mobile ISP, CDN, Corporate Competitors Cisco Juniper Huawei Nokia A10 F5 Checkpoint Fortinet Palo Alto Ericsson Juniper Cisco Huawei Nokia Brocade Allot Sandvine Empirix Comarch Juniper Brocade Cisco Huawei Gigamon Bigswitch Arista Naviflow pica8 3
NUVX Universal Platform
NUVX Universal Platform Platform – Model Types Model 2020 Model 2040 Model 4080 Model 4120 Model 4160 5
NUVX Universal Platform Solution Based on 4 Platforms • NUVX Universal Platform uses all functionality supported by the 4 platform simultaneously; • NUVX Universal Platform provides all the basic functionality of the medium broadband access provider on one physical platform. NUVX.BRAS License NUVX.NAT License NUVX.Filter License NUVX.QoE License 6
CG-NAT Solution Based on NUVX Universal Platform In comparison with foreign analogues* * According to the results of testing in an independent laboratory in 2015. 7
URL-filtration Solution Based on NUVX Universal Platform • Direct network packet content analysis instead of the IP addresses in the header; • 100% prohibited content filtering and blocking; • Up to 160 Gbit /s (In + Out) all traffic performance when connected in-line; • Up to 16 filter lists, up to 30 million entries in the “black list“ support; • Custom list processing support; • Blocking break-in counteraction. 8
NUVX.QoE Solution Features Based on NUVX Universal Platform Platform • Quality of Experience (QoE) monitoring; • Websites visited by ISP subscribers tracking; • Possible Botnet, Virus Crypto-mining activity detection; • Service upsaling; • Network faults behind subscriber’s CPE, NAT and Wi-Fi detection; • No additional probes or software installation required on the subscriber's side; • No diagnostic packets required to be sent; • DPI can monitor the mirrored traffic, in-line installation is not required; • Generalized mechanism: any access technology and service model support; • QoE functionality can be combined with other useful DPI functions in one device. 9
Dec 13 08:29:01 10.10.10.3 010.012.057.225: 65376 091.231.235.128:00080 1513182549 nuvxnat GET /depot/228986/chunk/7d3ece044d4115fa7bae974acbd0873b305d6fb3? HTTP/1.1#015#012Host: steam.ru.qtlglb.com#015#012Accept: text/html,*/*;q=0.9#015#012Accept-Encoding: gzip,identity,*;q=0#015#012Accept-Charset: ISO-8859-1,utf-8,*;q=0.7#015#012User-Agent: Valve/Steam HTTP Client 1.0#015#012#015 Dec 13 08:29:01 10.10.10.3 010.254.017.186: 36449 095.163.068.052:00080 1513182549 nuvxnat GET /perviy/1/15131/1513171716.00- 1513171722.00.ts?account=2487e54f5cc6f78e&client=0d8d9390e47ad0a7&expires=1513260000&profile=17e3ecbacbe1d0a8&provider_id=5703bd2480 a8a010014872c3&region=&token=AoFK0UGWN8bgkRt0UNEqwg&user=a26ddbe35cbfb913&shift=0 HTTP/1.1#015#012Host: streams.b612.tightvideo.com#015#012Connection: close#015#012Cookie: #015#012User-Agent: Mozilla/5.0 (Web0S; Linux/SmartTV) AppleWebKit/537.41 (KHTML, like Gecko) Large Screen WebAppManager Safari/537.41#015#012#015 Dec 13 08:29:01 10.10.10.3 010.254.019.150: 35351 095.163.068.058:00080 1513182549 nuvxnat GET /mult/1/index.m3u8?account=491b7356de6aa38f&client=42df8d73114169a4&expires=1513260000&profile=c5514e0e4037bd5a&provider_id=5703bd2 480a8a010014872c3&region=&token=HU9uSU_0fRnDODt0m1pTgQ&user=9a3326b0dc398880 HTTP/1.1#015#012Host: streams.b612.tightvideo.com#015#012User-Agent: stagefright/1.2 (Linux;Android 4.2.2)#015#012Range: bytes=0-#015#012Connection: close#015#012#015 Clickstream statistics data collected by NUVX Universal Platform can be used for drawing conclusions about the resources visited by subscribers, devices they use, operating systems, Internet browsers, etc. Collection of Clickstream Statistics Based on NUVX Universal Platform Platform If necessary, the information from HTTP GET requests can be enriched on the external to EcoFilter server with information from billing and converted to the desired format (for example .CSV file.) 10
The NUVX Universal Platform platform analyzes the traffic passing through it and collects statistics to assess the quality of subscribers' work in the network (number of packets transmitted, number of re-sent packets, delay, etc.) Having QoE statistics, the operator can proactively identify potential problems of subscribers and fix them before they occur. Collection of Quality of Experience Statistics on the NUVX Universal Platform Platform By comparing current QoE metrics with historical ones, you can determine the impact of any changes to network settings on the quality of network performance. 11
Collection of Quality of Experience Statistics on the NUVX Universal Platform Platform Identify problems with the quality of communication behind CPE, including up to subscriber equipment: • Boost LTV (LifeTimeValue); • Clickstream analytics - ability to track visited sites, including competitors' sites; • Find out how many virtual IP addresses are behind the real IP address; • Determine what services / equipment subscribers use (SIP, OTT, smart house, smart tv, network equipment); • For each subscriber, prioritize traffic and restrict certain L7 based protocols. 12
NUVX.DPI Platform
NUVX.DPI Brief Description NUVX.DPI is the hard & software complex designed for traffic inspection and deep traffic analysis. The DPI (deep packet inspection) system operates at several levels of the OSI model (from the data-link layer to the application layer) by protocols, applications, services, including multicast and network control protocols. This gives extensive opportunities for providers for traffic management. The complex is to be installed “in-line” of existing internal or external links through NUVX.DPI Bypass. This device switches the system to bypass mode (transparent traffic passing) in case of any abnormal situations. The main complex component which processes traffic can be clustered to scale complex’s bandwidth. The traffic balancing subsystem distributes the incoming and aggregates the outgoing traffic processed. NUVX.DPI Teracluster is the first Russian fault-tolerant multi-terabit DPI cluster, scalable up to 40 Tbit/s. 14
NUVX.DPI Security (AntiDDoS, IDS/IPS) Content Filtering Filtering for Lawful Intercept Traffic Monitoring and Management Encrypted Traffic Decoding and Analysis DLP – Data Loss Prevention Application Based Routing Smart Load Balancing Targeted Advertising, Customer notification QoE, VaS, and Other Services DPI in Provider Network 15
NUVX.DPI Features and Benefits (1) • Traffic analysis by applications with an updated signature database (more than 3200 applications, all the most known at the moment); • Flexible management of subscriber policies, including options for quoting, parental control, etc; • Versatile management (policing / marking / drop etc.) of downloading certain applications; • SLA ensuring at the application level; • Traffic analysis in AS, AS-PATH sections, traffic volumes, applications, subscribers; • Traffic redirecting corresponding to certain regular expressions for further processing by third-party systems (service chaining for VAS); • High-performance URL filtering http / https, URL logging, policing the traffic of individual URLs; • Support for 10/40/100 Gb/s interfaces with various encapsulation options: MPLS, IPinIP, QinQ, GRE, PPTP, L2TP, including embedded encapsulation; • Keeping of all metadata for further analysis: trends, forecasts, analytics, user profiles, etc. (BigData); • Single point of monitoring and control of the entire system; • Switching the system to bypass mode in case of any abnormal situations. 16
NUVX.DPI Features and Benefits (2) • Real-time blocking of specific applications; • Traffic prioritizing, analysis and classification; • 100G port feature; • Load balancing, linear scaling; • Cluster solution, multi-terabit performance; • Discovery communication problems behind CPE including user equipment (QoE); • Common bandwidth management and distribution for subscribers (QoS); • 10/40/100 Gbit/s interface support with MPLS encapsulation; • Optional feature of BRAS/CG-NAT/Routing; • Innovative DPI Engine extensible by new signatures; • Maximum bandwidth, Gbit/s: 100 per DPI Unit; • Maximum number of sessions, million: 240; • Maximum number of sessions per second, thousands: 800; • Maximum number of subscribers, million: 31,5; • Number of protocols recognized: 3200+; • Number of URLs in library, million: 150; • Network interfaces: 4X100GbE per DPI Unit. 17
Hardware Platforms. NUVX.DPI Bypass However, in case of abnormal situations in the system, this should not affect the operator's network functionality. In order to provide protection against failures, the NUVX.DPI Teracluster is connected to the operator's network through the NUVX.DPI Bypass devices. The device is installed in the gap between two routers of the operator's network and redirects traffic flows to the DPI complex for further processing. In case of any failure or maintenance the NUVX.DPI Bypass immediately switches the complex to bypass mode (transparent traffic passing). As the traffic inspection and analysis system should be able to control traffic in the provider’s network directly, it is installed “in-line” of existing lines. 18
Hardware Platforms. NUVX.DPI Balancer NUVX.DPI Balancer Main Functionality: • Providing different interface types for internal and external systems: 10G, 40G, 100G; • Traffic distribution between DPI devices; • Traffic balancing between CPU cores inside single DPI device; • Asymmetric traffic flow aggregation; • N+X redundancy; • Traffic redirection to the external systems for further storage and analysis; • Transparent passing mode with mirroring to NUVX.DPI Unit; • Offloading mode for specific traffic flows – without analyzing in NUVX.DPI Unit (transparent transit traffic passing, including encrypted one). To gradually scale DPI complex bandwidth the main traffic processing element (NUVX.DPI Unit) can be clustered. In this case after the NUVX.DPI Bypass traffic is transferred to the balancing subsystem which consists of one or several NUVX.DPI Balancer devices. This subsystem distributes incoming traffic inside the NUVX.DPI Units farm and aggregates the processed traffic. 19
Hardware Platforms. NUVX.DPI Unit The one of the functions of the NUVX.DPI Unit is the traffic management according to the policies specified. Policies can be based on protocols (systemwide polices), which allows to: • Restrict (rate limiting or drop) the traffic of a certain application, protocol, networks, ports, etc.; • Restrict the traffic of specified protocols with the specified meta-data; • Restrict the traffic for certain Web resources; • Apply QoS policies; • Mark the traffic of certain applications. Using policies the traffic of a single subscriber can be limited (subsciber- based policies). By such policies the following scenarios can be implemented: • Restriction of the traffic of certain subscriber; • Quoting; • Application of policies to subscriber's services based on applications, networks, ports and other; • Grouping subscribers by various criteria. The main subsystem of the complex is the one or multiple devices for deep traffic analysis NUVX.DPI Unit. The device analyzes packets on L2-L7 levels of the OSI model. In addition, NUVX.DPI Unit recognizes traffic of more than 3200 various applications. The traffic statistics collected during the analysis are transmitted via a proprietary protocol to NUVX.DPI Collector, which is a part of the complex. 20
Hardware Platforms. NUVX.DPI cEMS The NUVX.DPI cEMS tasks include the following: • Auto install (Auto Provisioning, Zero Touch Provisioning, ZTP) of cluster elements; • Cluster element’s firmware updating; • Cluster element’s health check; • Configuration management of each cluster element; • Single point for claster management and monitoring by external OSS/BSS systems. All complex subsystems and elements are managed by a central control system. It is a separate device named NUVX.DPI cEMS. All complex elements are managed from NUVX.DPI cEMS by using command line interface (CLI) or graphical user web interface. 21
NUVX.DPI Collector Software The complex also includes a subsystem for collecting and analyzing connection logs (NUVX.DPI Collector), which provides single access to the logs and statistics on them. The system accumulates statistical information about traffic flows (CDR), converts it for further processing and can be sent to external data storage system (EDSS) for long-term storage and subsequent analysis by other systems. To view the statistics, a Web-based interface was implemented, where not only detailed information on protocols, applications and subscribers is presented, but also graphs that demonstrate the use of network capacities and resources of the complex. Since the complex is divided into several separate devices according to their functional characteristics, it easily scales and adjusts to the tasks of a specific operator. For example, if the volume of the processed traffic does not exceed 100 Gbit / s, the complex may consist of only four components. At the moment, the maximum performance of the complex can be achieved using a scheme with three NUVX.DPI Unit farms with 20 devices in each farm. One device handles up to 100 Gbit / s traffic. Consequently, the overall performance of the complex will be 6 Tbps/s (NUVX.DPI Teracluster). 22
NUVX Technologies Techno Hub B3, Office G-022, Dubai Silicon Oasis, Dubai, UAE www.nuvx.com / sales@nuvx.com / 00971 125 1262 Thank you for your attention!

More Related Content

PDF
DPI BOX: deep packet inspection for ISP traffic management
Ilya Mikov
 
PDF
Hosted Solutions Hi-Touch Services Guide
Hosted Solutions
 
PDF
Deep Packet Inspection (DPI) Test Methodology
Ixia
 
PDF
Industrial Internet of Things: Protocols an Standards
Javier Povedano
 
PDF
nokia_netact_brochure
Ana Sousa
 
PPTX
Software Defined Networking: Primer
Bangladesh Network Operators Group
 
PPTX
NetFlow Deep Dive: NetFlow Tips and Tricks to get the Most Out of Your Networ...
SolarWinds
 
PPTX
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
SolarWinds
 
DPI BOX: deep packet inspection for ISP traffic management
Ilya Mikov
 
Hosted Solutions Hi-Touch Services Guide
Hosted Solutions
 
Deep Packet Inspection (DPI) Test Methodology
Ixia
 
Industrial Internet of Things: Protocols an Standards
Javier Povedano
 
nokia_netact_brochure
Ana Sousa
 
Software Defined Networking: Primer
Bangladesh Network Operators Group
 
NetFlow Deep Dive: NetFlow Tips and Tricks to get the Most Out of Your Networ...
SolarWinds
 
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
SolarWinds
 

What's hot (20)

PPTX
Vineyard Networks Product Overview
laurenjthomson
 
PDF
Network Security and Visibility through NetFlow
Lancope, Inc.
 
PDF
Introduction to SDN and Network Programmability - BRKRST-1014 | 2017/Las Vegas
Bruno Teixeira
 
PPTX
Iben from Spirent talks at the SDN World Congress about the importance of and...
Iben Rodriguez
 
PDF
SDN & NFV Introduction - Open Source Data Center Networking
Thomas Graf
 
PPT
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08
NetFlowAuditor
 
PDF
Secure BGP and Operational Report of Bangladesh
Bangladesh Network Operators Group
 
PPTX
RTI Technical Road Show SPAWAR SD
Real-Time Innovations (RTI)
 
PPTX
Introduction to OpenFlow, SDN and NFV
Kingston Smiler
 
PDF
Hp 1015-odini-5 sdn-in_nfv
Marie-Paule Odini
 
ODP
Why sdn
lz1dsb
 
PPTX
6WINDGate™ - Enabling Cloud RAN Virtualization
6WIND
 
PPTX
OpenContrail Silicon Valley Meetup Aug 25 2015
Scott Sneddon
 
PDF
How to build high performance 5G networks with vRAN and O-RAN
Qualcomm Research
 
PDF
Acclerating SDN and NFV Deployments with Spirent
Malathi Malla
 
PPTX
Software defined networking(sdn) vahid sadri
Vahid Sadri
 
PDF
Nfv orchestration open stack summit may2015 aricent
Aricent
 
PDF
Actual Condition Survey of Malware Download Sites for A Long Period
APNIC
 
PPTX
Software Defined Networks
Shreeya Shah
 
PDF
Introduction to Software Defined Networking (SDN)
Bangladesh Network Operators Group
 
Vineyard Networks Product Overview
laurenjthomson
 
Network Security and Visibility through NetFlow
Lancope, Inc.
 
Introduction to SDN and Network Programmability - BRKRST-1014 | 2017/Las Vegas
Bruno Teixeira
 
Iben from Spirent talks at the SDN World Congress about the importance of and...
Iben Rodriguez
 
SDN & NFV Introduction - Open Source Data Center Networking
Thomas Graf
 
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08
NetFlowAuditor
 
Secure BGP and Operational Report of Bangladesh
Bangladesh Network Operators Group
 
RTI Technical Road Show SPAWAR SD
Real-Time Innovations (RTI)
 
Introduction to OpenFlow, SDN and NFV
Kingston Smiler
 
Hp 1015-odini-5 sdn-in_nfv
Marie-Paule Odini
 
Why sdn
lz1dsb
 
6WINDGate™ - Enabling Cloud RAN Virtualization
6WIND
 
OpenContrail Silicon Valley Meetup Aug 25 2015
Scott Sneddon
 
How to build high performance 5G networks with vRAN and O-RAN
Qualcomm Research
 
Acclerating SDN and NFV Deployments with Spirent
Malathi Malla
 
Software defined networking(sdn) vahid sadri
Vahid Sadri
 
Nfv orchestration open stack summit may2015 aricent
Aricent
 
Actual Condition Survey of Malware Download Sites for A Long Period
APNIC
 
Software Defined Networks
Shreeya Shah
 
Introduction to Software Defined Networking (SDN)
Bangladesh Network Operators Group
 
Ad

Similar to NUVX Technologies general solutions (20)

PDF
PL20000Series1214
David Sung
 
PDF
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
James Anderson
 
PDF
249549548 spider-ds-scsn-90002-112513
Zarobiza
 
PDF
Banv meetup-contrail
nvirters
 
PPTX
Introduction to NBL
Fei Ji Siao
 
PPTX
Why Its time to Upgrade a Next-Generation Firewall
Ali Kapucu
 
PDF
Turbocharge the NFV Data Plane in the SDN Era - a Radisys presentation
Radisys Corporation
 
PDF
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco Canada
 
PDF
Edge virtualisation for Carrier Networks
MyNOG
 
PDF
TaskQoS Network Control & Survey Tool.pdf
WPP
 
PPTX
Framework for the New IP - Phil O'Reilly
scoopnewsgroup
 
PPTX
Chapter04
Muhammad Ahad
 
PDF
Ccna 4 Chapter 4 V4.0 Answers
ccna4discovery
 
PPTX
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PROIDEA
 
PDF
IBM Programmable Network Controller
IBM India Smarter Computing
 
PDF
Building the SD-Branch using uCPE
Michelle Holley
 
PDF
Tech Talk by Peng Li: Open Mobile Networks with NFV
nvirters
 
PDF
WHGFeatures_BuyersGuide
Eugene Yu
 
PDF
Swisscom Network Analytics Data Mesh Architecture - ETH Viscon - 10-2022.pdf
ThomasGraf40
 
PDF
Embracing SDN in the Next Gen Network
NetCraftsmen
 
PL20000Series1214
David Sung
 
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
James Anderson
 
249549548 spider-ds-scsn-90002-112513
Zarobiza
 
Banv meetup-contrail
nvirters
 
Introduction to NBL
Fei Ji Siao
 
Why Its time to Upgrade a Next-Generation Firewall
Ali Kapucu
 
Turbocharge the NFV Data Plane in the SDN Era - a Radisys presentation
Radisys Corporation
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco Canada
 
Edge virtualisation for Carrier Networks
MyNOG
 
TaskQoS Network Control & Survey Tool.pdf
WPP
 
Framework for the New IP - Phil O'Reilly
scoopnewsgroup
 
Chapter04
Muhammad Ahad
 
Ccna 4 Chapter 4 V4.0 Answers
ccna4discovery
 
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PROIDEA
 
IBM Programmable Network Controller
IBM India Smarter Computing
 
Building the SD-Branch using uCPE
Michelle Holley
 
Tech Talk by Peng Li: Open Mobile Networks with NFV
nvirters
 
WHGFeatures_BuyersGuide
Eugene Yu
 
Swisscom Network Analytics Data Mesh Architecture - ETH Viscon - 10-2022.pdf
ThomasGraf40
 
Embracing SDN in the Next Gen Network
NetCraftsmen
 
Ad

Recently uploaded (20)

PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
KodekX | Application Modernization Development
KodekX
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Encapsulation theory and applications.pdf
gurumoop
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Approach and Philosophy of On baking technology
30anthuong17
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Cloud computing and distributed systems.
kkkkkhan
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
KodekX | Application Modernization Development
KodekX
 

NUVX Technologies general solutions

  • 1. Solutions for High-Performance Processing of Network Traffic Techno Hub B3, Office G-022, Dubai Silicon Oasis, Dubai, UAE www.nuvx.com / sales@nuvx.com / 00971 125 1262
  • 2. Product Application Areas2 Performance Security Telco State Power MetallurgyOil & Gas Mechanical engineering Transport Uniformed services & Army Banks Insurance Social insurance fund Cloud solutions IoT Smart city 2
  • 3. Products / Customers / Competitors Product Name NUVX.NAT NUVX.FILTER NUVX.BRAS NUVX.DPI NUVX.QoE NUVX.Router NUVX.Balancer NUVX.SDNSW Platform x86 x86 x86 ASIC+x86 ASIC+x86 x86 ASIC ASIC Product Type CG-NAT URL-filtering Service gateway DPI Quality of experience IP/MPLS router L3/L4 load balancer/active TAP SDN switch Customers Fixed and mobile ISP Fixed and mobile ISP, Corporate Fixed ISP ISP, Corporate ISP, Corporate Fixed and mobile ISP, Corporate Fixed and mobile ISP, CDN Fixed and mobile ISP, CDN, Corporate Competitors Cisco Juniper Huawei Nokia A10 F5 Checkpoint Fortinet Palo Alto Ericsson Juniper Cisco Huawei Nokia Brocade Allot Sandvine Empirix Comarch Juniper Brocade Cisco Huawei Gigamon Bigswitch Arista Naviflow pica8 3
  • 5. NUVX Universal Platform Platform – Model Types Model 2020 Model 2040 Model 4080 Model 4120 Model 4160 5
  • 6. NUVX Universal Platform Solution Based on 4 Platforms • NUVX Universal Platform uses all functionality supported by the 4 platform simultaneously; • NUVX Universal Platform provides all the basic functionality of the medium broadband access provider on one physical platform. NUVX.BRAS License NUVX.NAT License NUVX.Filter License NUVX.QoE License 6
  • 7. CG-NAT Solution Based on NUVX Universal Platform In comparison with foreign analogues* * According to the results of testing in an independent laboratory in 2015. 7
  • 8. URL-filtration Solution Based on NUVX Universal Platform • Direct network packet content analysis instead of the IP addresses in the header; • 100% prohibited content filtering and blocking; • Up to 160 Gbit /s (In + Out) all traffic performance when connected in-line; • Up to 16 filter lists, up to 30 million entries in the “black list“ support; • Custom list processing support; • Blocking break-in counteraction. 8
  • 9. NUVX.QoE Solution Features Based on NUVX Universal Platform Platform • Quality of Experience (QoE) monitoring; • Websites visited by ISP subscribers tracking; • Possible Botnet, Virus Crypto-mining activity detection; • Service upsaling; • Network faults behind subscriber’s CPE, NAT and Wi-Fi detection; • No additional probes or software installation required on the subscriber's side; • No diagnostic packets required to be sent; • DPI can monitor the mirrored traffic, in-line installation is not required; • Generalized mechanism: any access technology and service model support; • QoE functionality can be combined with other useful DPI functions in one device. 9
  • 10. Dec 13 08:29:01 10.10.10.3 010.012.057.225: 65376 091.231.235.128:00080 1513182549 nuvxnat GET /depot/228986/chunk/7d3ece044d4115fa7bae974acbd0873b305d6fb3? HTTP/1.1#015#012Host: steam.ru.qtlglb.com#015#012Accept: text/html,*/*;q=0.9#015#012Accept-Encoding: gzip,identity,*;q=0#015#012Accept-Charset: ISO-8859-1,utf-8,*;q=0.7#015#012User-Agent: Valve/Steam HTTP Client 1.0#015#012#015 Dec 13 08:29:01 10.10.10.3 010.254.017.186: 36449 095.163.068.052:00080 1513182549 nuvxnat GET /perviy/1/15131/1513171716.00- 1513171722.00.ts?account=2487e54f5cc6f78e&client=0d8d9390e47ad0a7&expires=1513260000&profile=17e3ecbacbe1d0a8&provider_id=5703bd2480 a8a010014872c3&region=&token=AoFK0UGWN8bgkRt0UNEqwg&user=a26ddbe35cbfb913&shift=0 HTTP/1.1#015#012Host: streams.b612.tightvideo.com#015#012Connection: close#015#012Cookie: #015#012User-Agent: Mozilla/5.0 (Web0S; Linux/SmartTV) AppleWebKit/537.41 (KHTML, like Gecko) Large Screen WebAppManager Safari/537.41#015#012#015 Dec 13 08:29:01 10.10.10.3 010.254.019.150: 35351 095.163.068.058:00080 1513182549 nuvxnat GET /mult/1/index.m3u8?account=491b7356de6aa38f&client=42df8d73114169a4&expires=1513260000&profile=c5514e0e4037bd5a&provider_id=5703bd2 480a8a010014872c3&region=&token=HU9uSU_0fRnDODt0m1pTgQ&user=9a3326b0dc398880 HTTP/1.1#015#012Host: streams.b612.tightvideo.com#015#012User-Agent: stagefright/1.2 (Linux;Android 4.2.2)#015#012Range: bytes=0-#015#012Connection: close#015#012#015 Clickstream statistics data collected by NUVX Universal Platform can be used for drawing conclusions about the resources visited by subscribers, devices they use, operating systems, Internet browsers, etc. Collection of Clickstream Statistics Based on NUVX Universal Platform Platform If necessary, the information from HTTP GET requests can be enriched on the external to EcoFilter server with information from billing and converted to the desired format (for example .CSV file.) 10
  • 11. The NUVX Universal Platform platform analyzes the traffic passing through it and collects statistics to assess the quality of subscribers' work in the network (number of packets transmitted, number of re-sent packets, delay, etc.) Having QoE statistics, the operator can proactively identify potential problems of subscribers and fix them before they occur. Collection of Quality of Experience Statistics on the NUVX Universal Platform Platform By comparing current QoE metrics with historical ones, you can determine the impact of any changes to network settings on the quality of network performance. 11
  • 12. Collection of Quality of Experience Statistics on the NUVX Universal Platform Platform Identify problems with the quality of communication behind CPE, including up to subscriber equipment: • Boost LTV (LifeTimeValue); • Clickstream analytics - ability to track visited sites, including competitors' sites; • Find out how many virtual IP addresses are behind the real IP address; • Determine what services / equipment subscribers use (SIP, OTT, smart house, smart tv, network equipment); • For each subscriber, prioritize traffic and restrict certain L7 based protocols. 12
  • 14. NUVX.DPI Brief Description NUVX.DPI is the hard & software complex designed for traffic inspection and deep traffic analysis. The DPI (deep packet inspection) system operates at several levels of the OSI model (from the data-link layer to the application layer) by protocols, applications, services, including multicast and network control protocols. This gives extensive opportunities for providers for traffic management. The complex is to be installed “in-line” of existing internal or external links through NUVX.DPI Bypass. This device switches the system to bypass mode (transparent traffic passing) in case of any abnormal situations. The main complex component which processes traffic can be clustered to scale complex’s bandwidth. The traffic balancing subsystem distributes the incoming and aggregates the outgoing traffic processed. NUVX.DPI Teracluster is the first Russian fault-tolerant multi-terabit DPI cluster, scalable up to 40 Tbit/s. 14
  • 15. NUVX.DPI Security (AntiDDoS, IDS/IPS) Content Filtering Filtering for Lawful Intercept Traffic Monitoring and Management Encrypted Traffic Decoding and Analysis DLP – Data Loss Prevention Application Based Routing Smart Load Balancing Targeted Advertising, Customer notification QoE, VaS, and Other Services DPI in Provider Network 15
  • 16. NUVX.DPI Features and Benefits (1) • Traffic analysis by applications with an updated signature database (more than 3200 applications, all the most known at the moment); • Flexible management of subscriber policies, including options for quoting, parental control, etc; • Versatile management (policing / marking / drop etc.) of downloading certain applications; • SLA ensuring at the application level; • Traffic analysis in AS, AS-PATH sections, traffic volumes, applications, subscribers; • Traffic redirecting corresponding to certain regular expressions for further processing by third-party systems (service chaining for VAS); • High-performance URL filtering http / https, URL logging, policing the traffic of individual URLs; • Support for 10/40/100 Gb/s interfaces with various encapsulation options: MPLS, IPinIP, QinQ, GRE, PPTP, L2TP, including embedded encapsulation; • Keeping of all metadata for further analysis: trends, forecasts, analytics, user profiles, etc. (BigData); • Single point of monitoring and control of the entire system; • Switching the system to bypass mode in case of any abnormal situations. 16
  • 17. NUVX.DPI Features and Benefits (2) • Real-time blocking of specific applications; • Traffic prioritizing, analysis and classification; • 100G port feature; • Load balancing, linear scaling; • Cluster solution, multi-terabit performance; • Discovery communication problems behind CPE including user equipment (QoE); • Common bandwidth management and distribution for subscribers (QoS); • 10/40/100 Gbit/s interface support with MPLS encapsulation; • Optional feature of BRAS/CG-NAT/Routing; • Innovative DPI Engine extensible by new signatures; • Maximum bandwidth, Gbit/s: 100 per DPI Unit; • Maximum number of sessions, million: 240; • Maximum number of sessions per second, thousands: 800; • Maximum number of subscribers, million: 31,5; • Number of protocols recognized: 3200+; • Number of URLs in library, million: 150; • Network interfaces: 4X100GbE per DPI Unit. 17
  • 18. Hardware Platforms. NUVX.DPI Bypass However, in case of abnormal situations in the system, this should not affect the operator's network functionality. In order to provide protection against failures, the NUVX.DPI Teracluster is connected to the operator's network through the NUVX.DPI Bypass devices. The device is installed in the gap between two routers of the operator's network and redirects traffic flows to the DPI complex for further processing. In case of any failure or maintenance the NUVX.DPI Bypass immediately switches the complex to bypass mode (transparent traffic passing). As the traffic inspection and analysis system should be able to control traffic in the provider’s network directly, it is installed “in-line” of existing lines. 18
  • 19. Hardware Platforms. NUVX.DPI Balancer NUVX.DPI Balancer Main Functionality: • Providing different interface types for internal and external systems: 10G, 40G, 100G; • Traffic distribution between DPI devices; • Traffic balancing between CPU cores inside single DPI device; • Asymmetric traffic flow aggregation; • N+X redundancy; • Traffic redirection to the external systems for further storage and analysis; • Transparent passing mode with mirroring to NUVX.DPI Unit; • Offloading mode for specific traffic flows – without analyzing in NUVX.DPI Unit (transparent transit traffic passing, including encrypted one). To gradually scale DPI complex bandwidth the main traffic processing element (NUVX.DPI Unit) can be clustered. In this case after the NUVX.DPI Bypass traffic is transferred to the balancing subsystem which consists of one or several NUVX.DPI Balancer devices. This subsystem distributes incoming traffic inside the NUVX.DPI Units farm and aggregates the processed traffic. 19
  • 20. Hardware Platforms. NUVX.DPI Unit The one of the functions of the NUVX.DPI Unit is the traffic management according to the policies specified. Policies can be based on protocols (systemwide polices), which allows to: • Restrict (rate limiting or drop) the traffic of a certain application, protocol, networks, ports, etc.; • Restrict the traffic of specified protocols with the specified meta-data; • Restrict the traffic for certain Web resources; • Apply QoS policies; • Mark the traffic of certain applications. Using policies the traffic of a single subscriber can be limited (subsciber- based policies). By such policies the following scenarios can be implemented: • Restriction of the traffic of certain subscriber; • Quoting; • Application of policies to subscriber's services based on applications, networks, ports and other; • Grouping subscribers by various criteria. The main subsystem of the complex is the one or multiple devices for deep traffic analysis NUVX.DPI Unit. The device analyzes packets on L2-L7 levels of the OSI model. In addition, NUVX.DPI Unit recognizes traffic of more than 3200 various applications. The traffic statistics collected during the analysis are transmitted via a proprietary protocol to NUVX.DPI Collector, which is a part of the complex. 20
  • 21. Hardware Platforms. NUVX.DPI cEMS The NUVX.DPI cEMS tasks include the following: • Auto install (Auto Provisioning, Zero Touch Provisioning, ZTP) of cluster elements; • Cluster element’s firmware updating; • Cluster element’s health check; • Configuration management of each cluster element; • Single point for claster management and monitoring by external OSS/BSS systems. All complex subsystems and elements are managed by a central control system. It is a separate device named NUVX.DPI cEMS. All complex elements are managed from NUVX.DPI cEMS by using command line interface (CLI) or graphical user web interface. 21
  • 22. NUVX.DPI Collector Software The complex also includes a subsystem for collecting and analyzing connection logs (NUVX.DPI Collector), which provides single access to the logs and statistics on them. The system accumulates statistical information about traffic flows (CDR), converts it for further processing and can be sent to external data storage system (EDSS) for long-term storage and subsequent analysis by other systems. To view the statistics, a Web-based interface was implemented, where not only detailed information on protocols, applications and subscribers is presented, but also graphs that demonstrate the use of network capacities and resources of the complex. Since the complex is divided into several separate devices according to their functional characteristics, it easily scales and adjusts to the tasks of a specific operator. For example, if the volume of the processed traffic does not exceed 100 Gbit / s, the complex may consist of only four components. At the moment, the maximum performance of the complex can be achieved using a scheme with three NUVX.DPI Unit farms with 20 devices in each farm. One device handles up to 100 Gbit / s traffic. Consequently, the overall performance of the complex will be 6 Tbps/s (NUVX.DPI Teracluster). 22
  • 23. NUVX Technologies Techno Hub B3, Office G-022, Dubai Silicon Oasis, Dubai, UAE www.nuvx.com / sales@nuvx.com / 00971 125 1262 Thank you for your attention!