Keysight’s Ixia Fabric Controller
(IFC) Clustering
Improving Visibility Efficiency and Design
Flexibility for Distributed Packet Brokers
With today’s complex network infrastructure, the needs
for visibility and security monitoring could change
dramatically from customer to customer. Some require
security tools being centralized, while others require
security tools being placed in various locations in a
distributed environment for operating efficiency and
maximum design flexibility.
In a distributed environment, Single Pane of Glass
management for all network packet brokers is essential
for ease of use. Operation and management for a
cluster of NPBs should be as easy as a single one.
Keysight’s IFC Clustering solution offers such an
example.
Keysight’s Ixia Fabric Controller Node
IFC Controller Node works like an SDN controller for
visibility packet brokers. The controller node in an IFC
cluster creates and maintains global configuration
database for all nodes in the cluster. Multiple controller
nodes are possible in an IFC cluster, offering
configuration redundancy and resiliency. IFC clustering
is based on distributed architectures that allow network
administrators access to traffic sent to monitoring and
diagnostic tools anyway in the visibility network, single-
or-multi hops away.
Find us at www.keysight.com
Highlights
• Keysight’s Ixia Fabric Controller Clustering
provides a single ‘pane of glass’
configuration, management and operation
for a cluster of Keysight network packet
brokers in any-to- any, single hop or multi
hop topology
• Leverages Keysight’s patented filter
compiler to seamlessly resolve filter
overlaps even in a distributed environment
• Transparent interconnects, in direct
connect or over GRE tunnel, make it
seamless to forward tapped data from
multiple remote locations to centralized tool
farm
• Tight integration with IFC Centralized
Manager for rich NMS functions, topology
visualization, and single sign- on
• Comprehensive statistics along each hop
and colorful indicator for congestion and
link health help reduce troubleshooting time
in large scale deployments
Figure 1: Example IFC Cluster Topology
Page 1
Single Pane of Glass (SPoG) for Configuration, Management and Operation
All ports and nodes in a IFC cluster can be configured and managed from one user interface (UI) as
shown in Figure 2. Cluster topology displays how nodes are connected, what the interconnect links are,
and how much bandwidth is allocated. Colorful indicator indicates if links are normal, or dropping
packets, or simply down and unusable. Keysight's visibility intelligence capabilities—NetStack,
PacketStack, SecureStack, and AppStack—resources can also be used across the fabric. This makes it
easy to operate across multiple sites, providing the centralized control required of complex visibility
infrastructure.

FLEXIBLE ANY-TO-ANY TOPOLOGY SUPPORT

Customers deploying monitoring solutions today continue to face challenges. For example, how to get
the distributed packet brokers working together cost effectively? Imagine you have 2-3 remote offices
and you want flexibility in connecting them because of connectivity costs. Keysight’s IFC clustering
architecture allows to connect the packet brokers in various topologies, thus allowing you to select the
deployment that makes the best business sense. It also allows you to get an unprecedented level of
resiliency—with multiple controller nodes configured, a copy of the configuration maintained on all
controller nodes. Thus, if some fail, the remaining good controller nodes are still accessible and
continue to function as designed.

Figure 2: Supported Topologies

WIDE-SCALE MONITORING WITH IFC CLUSTERING

As cyber threats expand, and the cost of downtime increases, businesses increasingly want to deploy
massive monitoring solutions. With the support of IFC clustering on all major Vision platforms, Keysight
extends the benefits of sophisticated packet processing provided by its patented filter compiler to many
more end- points across a network in a distributed environment. IFC clustering integration with IFC
centralized managers offers powerful NMS features, such as auto discovery, event/alarm management,
bulk software upgrade.

IFC MULTI-HOP CLUSTERING

Tapped traffic must traverse two or more interconnects to reach a tool. Unique requirements for multi
hop topology include the following:

• Best routes are calculated using Shortest Path First (SPF) algorithm
• Interconnects can be either direct connection or over GRE tunnel

Find us at www.keysight.com Page 2

• Load Balance must happen on Equal Cost Multiple Paths (ECMP)
• Tapped traffic must be delivered to tools in orderly fashion with session integrity
• Failover protection with resiliency
• On-demand route re-optimization
• Automatic discovery of Interconnects by using LLDP

KEY FEATURES:
• Centralized network visibility management and operational control through a single pane of
glass
• Supports more than 50 nodes in a single cluster
• Seamless interconnect links between packet brokers make it possible to forward tapped
traffic to any given tools in the IFC cluster
• IFC interconnects among members can be either in direct connects, or over GRE
encapsulated tunnels; enabling IFC member to be connected over DWDM devices or WAN
routers/switches (selected packet brokers)
• Compressive statistics and health indicators make troubleshooting extremely easy
• Any-to-any, single-or-multi hops topology support allows maximum design flexibility
• Cost-effective visibility deployment with combination of low cost edge NPBs and more
powerful NPBs for advanced packet processing and application identification
• Multiple controller nodes support allows redundancy and resiliency
• Automatic failover protection on interconnects and on-demand route optimization
• LLDP based interconnect discovery
• Open API’s for seamless integration with SDN Controllers, including Cisco ACI

USE CASES:
Primary uses of Keysight’s Ixia Fabric Controller Clustering include enabling enterprises or data centers
to aggregate data, filtering traffic, applying smart operations on monitored traffic such as deduplication
or header stripping, thus creating new operating efficiencies for security tools. Specifically, early users
have been interested in these use cases:

Large scale monitoring—Today’s large-scale datacenters and country wide networks require a lot of
links to be tapped, and traffic is generally directed to a central tool farm. Keysight’s Ixia Fabric Controller
clustering allows you to deploy many low cost NPBs as aggregation layer and then direct filtered traffic
to more advanced NPBs collocated at central tool farm. This design can easily scale to thousands of
ports with managed cost, yet with a single pane of glass configuration and management interface.

Agile monitoring—Many lawful intercepts require agile monitoring even for a distributed environment.
Whenever needs arise, customer wants to quickly setup new rules and forwards interested traffic to
more specific security tools for deep analysis. The whole process must be quick and agile, ideally within
seconds certainly not hours or days. Keysight’s patented technology of filter compiler makes this
possible with standalone or centralized monitoring. Now, IFC clustering simply extends the same benefit
to a distributed cluster of nodes.

Find us at www.keysight.com Page 3

Traffic engineering with protection—Laying a resilient infrastructure for visibility is crucial in the
design of large data centers. Aggregation is unavoidable which also means flexible traffic engineering
options are required to cope with oversubscription. IFC clusters offer any-to-any topology support (vs.
hub-and-spoke only) that makes any-to-any interconnection possible. If one interconnect is overbooked,
excessive traffic can be rerouted to other links. Load balance on the interconnect link bundle also offers
redundancy and resiliency to the tapped traffic. So, tools have far less chance to be blinded.

Flexible visibility topology—Visibility networks come in different shapes—hub-and-spoke, spine-and-

leaf, tree, mesh or partial mesh, or any combination of above. It all depends on how customers plan to
design their visibility infrastructure, and with or without redundancy. Some examples are shown below:

• Spine-and-leaf aggregation with failover redundancy

• Dual ring topology

Find us at www.keysight.com Page 4

Ordering Information
Keysight’s Ixia Fabric Controller requires a license on each Vision network packet broker that needs to
be part of the SDN clustering architecture. Both single hop and multi hop features are included in the
same license.

Part Number Description

LIC-V1-IFC Keysight Vision ONE license, enables Keysight’s Ixia Fabric Controller (IFC)
Clustering for direct connection to other Vision devices supporting IFC Clustering
(E100, E40, Vision ONE, 7300/3); licensed per system; requires previous or
adjunct purchase of port licenses to operate (993-0170).

LIC-E100-IFC Keysight Vision E100 license, enables Keysight’s Ixia Fabric Controller (IFC)
Clustering for direct connection to other Vision devices supporting IFC Clustering
(E100, E40, Vision ONE, 7300/3); licensed per system; requires previous or
adjunct purchase of port licenses to operate (993-0150).

LIC-E40-IFC Keysight Vision E40 license, enables Keysight’s Ixia Fabric Controller (IFC)
Clustering for direct connection to other Vision devices supporting IFC Clustering
(E100, E40, Vision ONE, 7300/3); licensed per system; requires previous or
adjunct purchase of port licenses to operate (993-0151).

LIC-7300-IFC Keysight Vision 7300 series license, enables Keysight’s Ixia Fabric Controller
(IFC) Clustering for direct connection to other Vision devices supporting IFC
Clustering (E100, E40, Vision ONE) as well as both direct connection and GRE
tunnel to other 7300/3 devices over the M7300CAS-PS16PX line card; licensed
per system; requires previous or adjunct purchase of port licenses to operate
(993-0172).

LIC-E10S-IFC Vision E10S, Enables Keysight’s Ixia Fabric Controller (IFC) for direct connect to
Vision ONE or NTO 7300/3, Vision Edge 40, Vision Edge 100; licensed per
system; requires previous or adjunct purchase of port licenses to operate.

LIC-VX-IFC Keysight Vision X, (1) Fabric connectivity feature license

LIC-7816-IFC Keysight, Add On Feature, IFC for Edge-core AS7816-64X AC/DC switch, One per
system (993-0177)

Find us at www.keysight.com Page 5

Learn more at: www.keysight.com
For more information on Keysight Technologies’ products, applications or services,
please contact your local Keysight office. The complete list is available at:
www.keysight.com/find/contactus

Find us at www.keysight.com Page 6

This information is subject to change without notice. © Keysight Technologies, 2019-2021, Published in USA, April 05, 2021, 7019-0148.EN