1- Overviews
- A full visual control of Data Acquisition/Capture device(2* 40G QSFP slots plus 48 * 10GE SFP+ slots)
- A full pre-processing and re-distribution device(bidrectional bandwidth 560Gbps)
- Supported collection & reception of link data from different network element locations
- Supported collection & reception of link data from different exchange routing nodes
- Supported raw packet collected, identified, analyzed, statistically summarized and marked
- Supported raw packet output for monitoring equipment of BigData Anlysis, Protocol Analysis, Signaling Analysis, Security Analysis, Risk Management and other required traffic.
- Supported real-time packet capture analysis, data source identification, and real-time/historical network traffic search
2- Intelligent Traffic Processing Abilities
VLAN Tagged 
ASIC Chip Plus TCAM CPU 560Gbps intelligent traffic processing capabilities
10G/40G Traffic Replication The original input traffic and pre-processed traffic can be copied from 1 to N or aggregated from N to M at 10GE link speed, which perfectly solves the requirement that two or more multi-port out-of-band monitoring devices can be deployed on the network at the same time. 
Data Filtering Supported flexible combination of metdata elements based on Ethernet Type, VLAN Tag, TTL, IP seven-tuple, IP Fragmentation, TCP Flag, and other Packet Features fornetwork security devices, protocol analysis, signaling analysis, and traffic 
Network Traffic Aggregation The original input traffic and pre-processed traffic can be copied from 1 to N or aggregated from N to M at 10GE link speed, which perfectly solves the requirement that two or more multi-port out-of-band monitoring devices can be deployed on the network at the same time. 
Data Distribution/Forwarding Classified the incoming metdata accurately and discarded or forwarded different data services to multiple interface outputs according to user’s predefined whitelist or blacklist rules. 
Load Balance Supported load balance Hash algorithm and session-based weight sharing algorithm according to L2-L7 layer characteristics to ensure that the port output traffic dynamic of load balancing 
Mylinking™ Network Visibility Platform Supported Mylinking™ Visibility Control Platform Access Supported the matching of any key field in the first 128 bytes of a packet. The user can customize the offset value and key field length and content, and determine the traffic output policy according to the user configuration.VLAN Untagged VLAN Replaced 
UDF Match Supported the matching of any key field in the first 128 bytes of a packet. Customized the Offset Value and Key Field Length and Content, and determining the traffic output policy according to the user configuration 
MAC Address Replacing Supported the replacement of the destination MAC address in the original data packet, which can be implemented according to the user's configuration 
3G/4G Mobile Protocol Identification and Classification Supported to identify mobile network elements such as (Gb, Gn, IuPS, S1-MME, S1-U, X2-U, S3, S4, S5, S6a, S11, etc. interface). You can implement traffic output policies based on features such as GTPV1-C, GTPV1-U, GTPV2-C, SCTP, and S1-AP based on user configurations.
Ports Healthy Detection Supported real-time detection of the service process health of the back-end monitoring and analysis equipment connected to different output ports. When the service process fails, the faulty device is automatically removed. After the faulty device is recovered, the system automatically returns to the load balancing group to ensure the reliability of multi-port load balancing.
1+1 Redundant Power System(RPS) Supported 1+1 Dual Redundant Power System
User-defined Decapsulation Supported the user-defined packet decapsulation function, which can strip any encapsulated fields and contents in the first 128 bytes of a packet and output them 
10GE/40GE Acquisition Data Capture 2 splots 40GE QSFP plus 48 slots 10GE up to 560Gbps Traffic Data Transceiver at same time, for network Data Capture, simple Pre-processing
IP Datagram Reassembly Supported IP fragmentation identification and supports reassembly of IP fragmentation so as to implement L4 feature filtering on all IP fragmentation packets. Implement traffic output policy.
Packet Encapsulation output Supported to encapsulate any specified packets in the captured traffic to the RSPAN or ERSPAN header and output the packets to the back-end monitoring system or network switchMirror Port Protection Supported the Mirror Port Protection function of each interface. This function can block the TX capability of mirror acquisition port, and effectively avoid the problem of network forming loop caused by device configuration error.
Redundant Output Ports Supported active/standby redundancy of traffic output ports. When the status of the active output port is abnormal (disabled or link Down), the output traffic can be switched to the standby port, ensuring high reliability of traffic output.
Tunnel Packet Termination Supported the tunnel packet termination function, which can configure IP addresses, masks, ARP responses, and ICMP responses for traffic input ports. Traffic to be collected on the user network is directly sent to the device through tunnel encapsulation methods such as GRE, GTP, and VXLAN
Port Breakout Supported 40G port breakout function and can be split into four 10GE ports to meet specific access requirements
Time Stamping Supported to synchronize the NTP server to correct the time and write the message into the packet in the form of a relative time tag with a timestamp mark at the end of the frame, with the accuracy of nanoseconds
VxLAN, VLAN, GRE, MPLS Header Stripping Supported the VxLAN, VLAN, GRE, MPLS header stripped in the original data packet and forwarded output.
Data/Packet De-duplication Supported port-based or policy-level statistical granularity to compare multiple collection source data and repeats of same data packet at a specified time. Users can choose different packet identifiers (dst.ip, src.port, dst.port, tcp.seq, tcp.ack)
Data/Packet Slicing Supported policy-based slicing (64-1518 bytes optional) of the raw data, and the traffic output policy can be implemented based on user configurationClassified Sensitive Data Masking Supported policy-based granularity to replace any key field in the raw data in order to achieve the purpose of shielding sensitive information. According to user configuration, the traffic output policy can be implemented. Please visit "What’s the Data Masking Technology and Solution in Network Packet Broker?" for more details.Tunneling Packet Termination Supported the tunnel packet termination function, which can configure IP addresses, masks, ARP responses, and ICMP responses for traffic input ports. Traffic to be captured on the user network and directly sent to the back monitoring device through tunnel encapsulation methods such as GRE, GTP, and VXLAN
Tunneling Protocol Identification Supported automatically identify various tunneling protocols such as GTP / GRE / PPTP / L2TP / PPPOE. According to the user configuration, the traffic output strategy can be implemented according to the inner or outer layer of the tunnel 
APP Layer Protocol Identify Supported commonly used application layer protocol identification, such as FTP, HTTP, POP, SMTP, DNS, NTP, BitTorrent, Syslog, MySQL, MsSQL and so on 
Video Traffic Filtering Supported to filter and mitigate the video stream data matching such as domain name address resolution, video transmission protocol, URL and video format, to offer useful data to analyzers and monitors for security. 
SSL Decryption Supported loading the corresponding SSL certificate decryption. After the decryption of HTTPS encrypted data for the specified traffic, it will be forwarded to the back-end monitoring and analysis systems as required. 
Packet Capturing Supported port-level, policy-level packet capture from source physical ports within filter of Five-Tuple field in real time 
Traffic Monitoring and Detection Traffic monitoring provides real-time traffic situation monitoring capability. Traffic detection enables in-depth analysis of traffic data at different network locations, providing original data sources for real-time fault location 
Real-time Traffic Trend Monitoring Supported real-time monitoring and statistics on port-level and policy-level data traffic, to show the RX / TX rate, receive / send bytes, No., RX / TX the number of errors, the maximum income / hair rate and other key indicators. 
Traffic Trend Alarming Supported port-level, policy-level data traffic monitoring alarms by setting the alarm thresholds for each port and each policy flow overflow. 
Real-time Traffic Detection Supported the sources of "Capture Physical Port (Data Acquisition)", "Message Feature Description Field (L2 – L7)", and other information to define flexible traffic filter, for real-time capture network data traffic of different position detection, and will it will be storaged the real-time data after captured and detected in the device for downloading of further execution expert analysis or uses its diagnosis features of this equipment for deep visualization analysis. 
Historical Traffic Trend Review Supported port-level, policy-level nearly 2 months of historical traffic statistics query. According to the days, hours, minutes and other granularity on the TX/RX rate, TX/RX bytes, TX/RX messages, TX/RX error number or other information to query select. 
DPI Packet Analysis DPI in-depth analysis module of the traffic visualization detection function can conduct in-depth analysis of the captured target traffic data from multiple dimensions, and perform detailed statistical display in the form of graphs and tables Supported the captured datagram analysis, including abnormal datagram analysis, stream recombination, transmission path analysis, and abnormal stream analysis 3- Typical Application Structures
3.1 Centralized Collection Application(as following)
3.2 Unified Schedule Application(as following)
3.3 Data VLAN Tagged Application(as following)
3.4 Data/Packet De-duplication Application(as following)
3.5 Mylinking™ Network Packet Broker Data/Packet Slicing Application(as following)
3.6 Mylinking™ Network Packet Broker Data/Packet Masking Application(as following)
3.7 Traffic Capture/Data Detection Visibility Control Platform Tools(as following)
3.8 Network Traffic Data Visibility Analysis Application(as following)
4- Specifications
| NL-NPB-5060 Mylinking™ Network Packet Broker Functional Parameters | |||
| Network Interface | 10GE | 48*SFP+ slots; Supports single and multi-mode optical fibers | |
| 40GE | 2*QSFP slots; Support 40GE, breakout to be 4*10G; Supports single and multi-mode optical fibers | ||
| Out-of-BandMGT Interface | 1*10/100/1000M electrical port | ||
| Deployment Mode | Optical Mode | Supported | |
| Mirror Span Mode | Supported | ||
| System Function | Basic Traffic Processing | Traffic Replication/aggregation/distribution | Supported |
| Based on IP / protocol / port seven-tuple traffic identification filtering | Supported | ||
| UDF match | Supported | ||
| VLAN mark/replace/delete | Supported | ||
| 3G/4G Protocol identification | Supported | ||
| Interface health inspection | Supported | ||
| Mirror Port Protection | Supported | ||
| Redundant output ports | Supported | ||
| Tunnel packet termination | Supported | ||
| Packet encapsulation | Supported | ||
| Port breakout | Supported | ||
| Ethernet package independence | Supported | ||
| Processing ability | 560Gbps | ||
| Intelligent Traffic Processing | Time-stamping | Supported | |
| Tag remove | Supported VxLAN、VLAN、GRE、MPLS header stripping | ||
| Data de-duplication | Supported interface/policy level | ||
| Packet slicing | Supported policy level | ||
| Supported policy level | |||
| Tunneling protocol identification | Supported | ||
| Application layer protocol identification | Supported FTP/HTTP/POP/SMTP/DNS/NTP/ BitTorrent/SYSLOG/MYSQL/MSSQL, etc. | ||
| Video traffic identification | Supported | ||
| SSL decryption | Supported | ||
| Custom decapsulation | Supported | ||
| Processing ability | 40Gbps | ||
| Diagnosis and Monitoring | Real-time monitor | Supported interface/policy level | |
| Traffic alarm | Supported interface/policy level | ||
| Historical traffic review | Supported interface/policy level | ||
| Traffic capture | Supported interface/policy level | ||
| Traffic Visibility Detection | Basic Analysis | Summary statistics are displayed based on basic information such as packet count, packet category distribution, number of session connections, and packet protocol distribution | |
| DPI Analysis | Supports transport layer protocol ratio analysis; unicast broadcast multicast ratio analysis, IP traffic ratio analysis, DPI application ratio analysis. Support data content based on sampling time analysis of traffic size presentation. Supports data analysis and statistics based on session flow. | ||
| Accurate Fault Analysis | Supported fault analysis and location based on traffic data, including packet transmission behavior analysis, data flow level fault analysis, packet level fault analysis, security fault analysis, and network fault analysis. | ||
| Management | CONSOLE MGT | Supported | |
| IP/WEB MGT | Supported | ||
| SNMP MGT | Supported | ||
| TELNET/SSH MGT | Supported | ||
| RADIUS or TACACS + Centralized authorization authentication | Supported | ||
| SYSLOG protocol | Supported | ||
| User authentication | Based on user’s password authentication | ||
| Electric(1+1 Redundant Power System-RPS) | Rate power supply voltage | AC110~240V/DC-48V(optional) | |
| Rate power supply frequency | AC-50HZ | ||
| Rate input current | AC-3A / DC-10A | ||
| Rate power | Max 260W | ||
| Environment | Working temperature | 0-50℃ | |
| Storage temperature | -20-70℃ | ||
| Working humidity | 10%-95%no condensation | ||
| User Configuration | Console configuration | RS232 interface, 115200,8,N,1 | |
| Password authentication | Supported | ||
| Height of Chassis | Rack space (U) | 1U 445mm*44mm*402mm | |