Professional Documents
Culture Documents
ENT-01 Introduction
ENT-01 Introduction
Introduction
ACTE Training (Enterprise Track)
NX Clients CS Clients
• About Allot
NetXplorer ClearSee
• Core Technology Server
• Allot Architecture
AOS
In this introductory module, we will begin with an overview of Allot and how we
address the needs of our Enterprise Customers. We will then review our core
technology – DART, which lies at the heart of Allot’s Smart solutions. We end this
introductory module by examining Allot’s typical solution architecture.
By deploying Allot’s solution, enterprises are able to run efficient networks that
satisfy users and increase productivity while ensuring business continuity.
With Allot, both enterprise customers and cloud providers can:
See – Analyze the network in order to be able to plan capacities in an accurate way,
identify degradation on time and comply with regulation requirements. The solution
can also provide analysis and business analytics on different aspects of the data, such
as user behavior, QoE scoring, Trend analysis and troubleshooting tools.
Control – Improve user quality of experience using multi-dimension QoS and multi-
tenant SLA. Allot’s solutions ensure network resource allocation matches business
priorities, control applications running in the network by bandwidth or by
connections. We can also control and mitigate network latency using the add-on TCP
optimization feature.
Secure – Secure the network from attacks and allow users to browse safely. Remove
risky applications and protect you network infrastructure from Ransomware, DDoS
attacks, Bot infection and other kinds of web threats. Security is achieved by adding
an Anomaly Detection engine for host and network anomaly traffic.
Allot at a Glance
Since 1996
600+
employees worldwide
Enterprises have many IT challenges. Let’s look at 5 significant trends that are creating
challenges for Enterprises worldwide.
• Network Downtime is one of the main concerns of IT and Network Admins – Most of
the network downtimes and service interruptions are caused by either user or
application behavior. With the Allot solution, the IT manager can monitor and control
what is running in the network and overcome this challenge.
• As companies provide more and more online digital services to customers, their
digital experience (QoE) becomes critical to avoid revenue loss. Whether it is a bank
which provides access to customer data, a University which gets service to its
students or any other Enterprise business – they all need to provide a good QoE to
the network users to prevent revenue loss and maintain the business reputation.
• Networks becomes more complex as every year there are new applications, new
devices and new services to be deployed, maintained and administrated. It quickly
becomes very difficult to manage. Using the Allot solution the IT Manager can assure
the right QoS and QoE to the business-critical applications and services.
• Higher demand for strong connectivity and QoE of remote users at companies (VPNs,
Mobile, Cloud Apps) is becoming more popular than ever.
• Infrastructure changes such as transformation to SD-WAN, bandwidth upgrades,
adding new devices etc are common. Such projects are expensive and overwhelming,
but many times are not enough to solve the traffic issues in the enterprise network.
Allot’s Traffic Intelligence and Assurance solution for Enterprises helps to ensure
network and application availability.
The Allot platform can be deployed at the center of the network, so it sees the traffic
going from the LAN to the Internet and the public cloud, as well as traffic which is
coming from the outside going towards the private cloud. So with one centralized
solution we can control all traffic coming in and going out of the network and ensure
the availability of both the network and the applications that run over it.
Alternatively, the Allot platform can be deployed at the edge of each branch for
greater visibility of the network users.
The Allot solution can also provide real-time troubleshooting capabilities that can
help IT managers to understand in real-time how to optimize the network according
to patterns of usage.
Allot assures delivery of high-quality applications and digital experience of on-line
services with one centralized appliance and also guarantees optimal QoE for remote
users, which is very relevant when employees are working from home.
And finally Allot platform protects business continuity through Behavior Anomaly
Detection. It can identify both incoming DDoS attacks and outgoing anomalous traffic.
6
Module 1: Introduction
NX Clients CS Clients
• About Allot
NetXplorer ClearSee
• Core Technology Server
• Allot Architecture
AOS
In this section we will introduce the core “DART” technology, that lies at the heart of
Allot’s solutions.
Core Technology
(TCP/UDP Port)
(IP Address)
(MAC Address)
Let’s briefly go back to the basics. The OSI model provides a conceptual
understanding of networking. It is a reference model that characterizes and
standardizes the communication functions of a telecommunication or computing
system. The model partitions a communication system into several abstract layers.
The original version of the model defined seven layers which are presented here.
Each layer adds its own header information. As the data travels down through the
layers, it is encapsulated with a new header. At the network access layer, a trailer is
also added.
(TCP/UDP Port)
(IP Address)
(MAC Address)
This technique looks into the packet header to reveal communication intent.
Some applications can be detected simply by identifying the port over which
communication takes place (e.g: port 80 for HTTP).
Many others though, hide their identity in the payload itself. They may use a range of
different ports and may “hijack” ports which are commonly associated with other
applications such as port 80.
(TCP/UDP Port)
(IP Address)
(MAC Address)
Deep packet inspection looks deep into the payload to search for application
signatures.
They may be spread over several packets or encrypted.
Signature found
in several packets
12
Technology
Always up-to-date (DART) ML & AI Technology
• Periodic definition files update • Next generation DPI
• Assure up-to-date powered by ML
apps/protocol classifications algorithm
• Supervised and
Unsupervised Learning
models
13
See Control
Constantly see, record and understand
Not just inspect. Act!
your network Apply QoS policies via NetXplorer Management Module
Viewed via ClearSee Management Module
14
See refers to the ability to see, record, understand and share information about the
traffic on your network, as well as your users and their needs and habits. Allot’s DPI
Engine gathers and processes information on your users, the applications and devices
they use and the Quality of Experience they are enjoying. This information is then
used by ClearSee to create meaningful, clear and insightful graphs and reports to
explain and impart that data in a useful way.
Control refers to the different types of action one can choose to apply to a traffic flow
once it has been seen, using Allot NetXplorer.
You choose the action that most fits your network’s needs. You can shape traffic by
assigning it a designated Quality of Service (QoS), you can steer traffic to a network or
subscriber service, optimize video traffic to offer a better quality of experience,
expedite important and sensitive traffic or you can choose to drop a particular type of
traffic altogether. The control over your network is in your hands.
Secure
Protect your users and customers as well as your valuable data.
Add security options and protection of your network by using NetworkSecure and DDoS Secure products
15
Secure refers to the ability to protect your users and customers as well as your
valuable data.
You can filter traffic to block or restrict harmful content as well as stopping phishing
attempts and viruses by including Allot Secure in your solution. You can also add
protection from DDoS attacks and Botnet infections to your network. This capability is
enabled by the DDoS Secure product.
NX Clients CS Clients
• About Allot
NetXplorer ClearSee
• Core Technology Server
• Allot Architecture
AOS
16
In this section we will see where you should place the Allot System in the network.
SAP,
Paris
Video VDI
Oracle
WAN/MPLS Users/Clients
Web, Email VoIP GW
Citrix Servers Allot Network
Madrid
Users/Clients
HQ LAN
Centralized
Management
Users/Clients
At the LAN
LAN, WAN & Internet Junction 17
The location of the Allot Enterprise Platform will depend upon the traffic you want to
be able to analyze and manage. Here we see a typical network diagram of an
enterprise. The powerful and versatile SSG/SG can be placed at junction between the
LAN, Wan and Internet networks.
In this way you will achieve the following:
• Connecting to the LAN side will allow the IT manager the ability to see and manage
data centers and private clouds and all access to essential applications. By policy
configuration, the IT manager gains the same ability see and manage HQ campus
as well as each branch, as well as traffic between the different branches..
• Connecting the Allot platform before the primary Internet router gives the IT
manager the ability to see and manage the entire internet access to public cloud
applications (including business crucial applications) and other internet
application, based on the organization needs.
NX Clients CS Clients
• About Allot
• Core Technology
NetXplorer ClearSee
Server
• Placement in Network
• Allot Architecture Data
Mediator
• In-Line and Management Modules
• Modules within Allot Platforms
AOS
18
19
Several components make up the different Allot System platforms. In addition to the
In-Line module which performs the DART functionality detailed earlier, there is also a
series of Management Modules. We will introduce each module here briefly.
Each one of these modules sits on top of the ACP - Allot Common Platform.
The ACP is a CentOS based operating system for all Allot platforms. It is combined
with additional packages and specifically fine-tuned to meet the needs of the Allot
platforms”.
AOS
20
AOS (Allot Operating System) is the software which runs on all of Allot’s In-Line
platforms. This is the software which includes the Allot DART engine - it inspects the
traffic in Real-Time and processes each packet and packet that flows through it.
Allot’s DART engine classifies the traffic and enforces different actions according to
the rules that were predefined.
AOS also collects Real-Time statistics for Analytics purposes.
NetXplorer
(NX)
• Policy Creation
• Hierarchical Rule-Based policy
• Classification by service, host, time,
encapsulation, interface etc.
• Actions such as Access Control, QoS,
Steering, ToS marking etc.
21
Allot NetXplorer provides control over all the aspects of the In-Line platform,
providing centralized visibility that is accessible to multiple clients and designed to
manage a globally dispersed network infrastructure. One GUI provides centralized
control of key Allot solution elements, including the AOS platforms, the User
Management Platform (SMP), the Data Mediator and ClearSee.
22
Data Mediator is a mediation element that collects data records from the AOS and
prepares them for upload to the ClearSee, which is the reporting and analytics heart
of the AOS.
ClearSee collects raw data from the AOS platforms as well as control plane elements
from the SMP (Subscriber/User Management Platform) and employs a cutting-edge
data warehouse designed for fast look-up, processing, and export. The data
warehouse features a columnar structure and uses massive parallel processing (MPP)
to handle big data with extreme efficiency.
Subscriber Management
Platform (SMP)
SMP CS
User Login Top Users report • SMP
Usage per User report
IP address
• Ensures full visibility and control per user
AD Server
• Identifies the enterprise user associated
DM
with each traffic flow
• Transparent IP mapping
AOS
23
Allot’s Enterprise solution utilizes user awareness and user-based policy management
provided by Allot SMP.
SMP works with an Active Directory Adaptor to integrate with the Enterprise Active
Directory system. This gives the AOS user-level awareness by enabling it to map each
user to their allocated IP in the enterprise network. In addition, SMP gives the system
visibility of the user group or groups defined for each employee in the enterprise
active directory. You can then configure different control policies based on different
enterprise user groups.
DDoS Secure
(DSC)
• Anti-DDoS
• Identifies and mitigates network anomalies
• Ensures Network stability
• Protects against computing resources
misuse
• Anti-Abuse (Botnet)
• Identifies and isolates abusive user behavior
• Dynamic internal blacklist
• Protects IP reputation / avoids DNS
More details in
CDSA Course blacklisting
24
Allot’s DDoS Secure integrates protection against bots infiltrating client devices and
DDoS attacks into one package. The DSC works round-the-clock to protect the
network and notify the administrator of any malicious activities.
NX Clients CS Clients
• About Allot
• Core Technology
NetXplorer ClearSee
Server
• Placement in Network
• Allot Architecture Data
Mediator
• In-Line and Management Modules
• Modules within Allot Platforms
AOS
25
• The Allot Platforms may include one or several modules in one appliance.
Enterprise Enterprise
Only Only
ACG AGM
SG/SSG
DM DM
Here we see how the different modules we’ve discussed are included in the main
Enterprise platforms. For large deployments with high throughput requirements, each
module is installed on a separate server. However, more small installations, several
modules are installed on one appliance for reducing cost and space.
• ACG (Application Control Gateway) platforms are designed for small businesses
and enterprises and include both AOS and Management Modules in a single
server.
For large and Medium businesses the AOS platforms and Management platforms are
separated into two separate physical platforms:
• AGM (Allot Gateway Manager) platform include all Management Platforms on a
single server. It can manage up to 4 AOS devices.
• SG and SSG appliances are in-line platforms and include the AOS module only.
SG/SSG platforms support various throughput options and physical links.
Review Question
Dynamic Actionable
Recognition Technology
27
Allot’s core technology is known as “DART”. What does “DART” stand for?
Review NX
Clients
CS
Clients
DDoS Secure
Clients
Question
√ √ X
NX
SMP Server CS DSC
X √ √ X
Data
Mediator
What are the compulsory
components for a solution √
combining
Traffic Management with
Network Analytics solution? SG
√
28
ACPP Training 28
Module 1: Architecture Overview
Review NX
Clients
CS
Clients
DDoS Secure
Clients
Question
√ X √
NX
SMP Server CS DSC
√ √ X √
Data
Mediator
What are the compulsory
components for a X
Botnet Containment HBAD
solution?
SG
*HBAD = Host Behavioral Anomaly Detection √
29
ACPP Training 29
Module 1: Architecture Overview
Review NX
Clients
CS
Clients
DDoS Secure
Clients
Question
√ √ X
NX
SMP Server CS DSC
√ √ √ X
Data
Mediator
What are the compulsory
components for √
Analytics solution with users
visibility?
SG
√
30
What are the compulsory components for Analytics solution with users visibility?
Answer:
• NX and SG components are basic and compulsory for any solution.
• SMP module is necessary to gain the users visibility.
• DM and CS components are compulsory for Analytics solution.
• DDoS and NS Secure are for security and not analytics, so those are not
compulsory modules
ACPP Training 30
Module 1: Introduction
Thank You
31