GRISM

Pervasive Inspection

Security Function Offloading

Perimeter Defense

Key Functions
Netflow
Extract the network metadata from packet streams.
Service Bypass
Make the low-risk traffic skip security inspection.
Deduplication
Remove L3-above duplicated packets.
Load Balance
In-line or OOB session-based traffic load balance with HA configuration.
Aggregate
Collect traffic from several sources or interfaces.
Filter
L2 to L7 session-based or packet-based filtering.
Massive Blocking
Detect and block sessions by a massive list of IPs/Domains.
Tunnel
Tunnel for traffic span to support cross-site or VM2VM monitoring.
Packet Slicing
Remove a specific section from packets.

Features

Any-to-Any Delivery

Each interface can be INPUT or OUTPUT

1-to-many, many-to-1, many-to-many

To any selected interface after filtering

Advanced Distribution

Filter Processor: Composed of a set of rules with AND / OR operation. Session-based filtering and packet-based filtering. L2-L4 header filtering rule: MAC address, Ethertype, VLAN ID, IP range, TCP/UDP port…

DPI-enabled Filter Processor: L4-L7 pattern-based filtering. Pattern format: HEX, ASCII strings and Regular Expression.

Tunnel-awareness filter: Apply all filtering rules on in-tunnel packets (GRE / VxLAN / QinQ / MPLS). Tunnel ID (ERSPAN / X-tunnel) filtering.

Processor Chain: User-defined graphs of Filter Processors

Out-of-band Load balance

Same Dst IP / Src IP / Dst Port / Src Port sticky to same egress ports

Same 5-tuple hash sticky to same egress ports

Delivery HA: Re-distribute to link-up egress ports

Balance port groups: Max 8 egress ports

Packet Engineering

Tag removal: MPLS / VLAN / QinQ…

Unpacking Tunnel (Tag removal and re-encapsulation): GRE / GTP / ERSPAN / NvGRE / VxLAN

User-defined VLAN tagging for input packets or output packets

Packet Deduplication

Monitoring Network Virtualization

GRISM to GRISM tunnel

Encapsulation: GRE, VxLAN, ERSPAN, X-tunnel

Network Traffic Intelligence Extraction

Generate Netflow V5 / V9

Generate HTTP log

Generate DNS log

Sensitive Data Protection

Packet slicing: Preserve N bytes. Remove TCP / UDP payload.

Data mask: Replace sensitive data segment in TCP / UDP payload. Data segment can be defined in regular expression.

In-Line Aggregation and Re-Distribution

N network links X M monitoring links (N X M)

In-line session-based load balance with HA strategy

Intelligent content-based bypass: IP address list. User-defined pattern in regular expression.

PCAP File Processing

Stream snapshot in PCAP format

Filter PCAP files with timestamp persistence

Remote recording agent over L2-L4 switch

Telecom Correlation Processing

Mobile 3G / LTE data network: Filter GTP-C / GTP-U by IMSI/IMEI. Subscriber-based load balance.

Fixed ISP network: Filter user-plane packets by RADIUS ID. Subscriber-based load balance.

Virtual Machine Traffic

VM traffic redirection by GRISM-V (as a VM instance)

Supporting environment: KVM, VMware ESXi / vSphere

System Control and Operation

Web GUI agent for authenticated users

Advanced Control XML script over HTTP

Management protocol: Telnet, HTTP, SNMP V2

Front-line Security

Massive Blocking: IP / Domain / URL. Max 2,000,000 entries.

3rd party threat intelligence import

[Figure: GRISM architecture]
[Product images: GRISM-G8, GRISM-T16, GRISM-T2G8, GRISM-F2T12]
Hardware Spec

| | GRISM G8 | GRISM T2G8 | GRISM T16 | GRISM T32 | GRISM T20/F2T12/F4T4 |
|---|---|---|---|---|---|
| Dimension | 17.3" W x 8.6" D x 1.7" H | 17.3" W x 13.7" D x 1.7" H | 17.3" W x 16.5" D x 1.7" H | 17.3" W x 16.5" D x 5.2" H | 17.3" W x 21" D x 1.7" H |
| Network Interface | 1G RJ45*8 | 10G SFP+*2, 1G RJ45*8 | 10G / 1G SFP+*16 | 10G / 1G SFP+*32 | 10G SFP+*20; 40G QSFP*2 + 10G*12; 40G QSFP*4 + 10G*4 |
| Management Interface | 1G RJ45*1 | 1G RJ45*1 | 1G RJ45*1 | 1G RJ45*1 | 1G RJ45*1 |
| Management Protocol | HTTP/HTTPS, SNMP V2 | HTTP/HTTPS, SNMP V2 | HTTP/HTTPS, SNMP V2 | HTTP/HTTPS, SNMP V2 | HTTP/HTTPS, SNMP V2 |
| Data Format | 1. Ethernet 2. PCAP file | 1. Ethernet 2. PCAP file | Ethernet | Ethernet | Ethernet |
| Storage | SATA2*1 | SATA2*2 | 2GB (virtual disk) | 2GB (virtual disk) | 2GB (virtual disk) |
| Forwarding or Replication | 8Gbps | 56Gbps | 160Gbps | 640Gbps | 400Gbps |
| 1:1 NetFlow Processing | Max 3Gbps | Max 10Gbps | Max 30Gbps | Max 60Gbps | Max 50Gbps |
| Mechanical | 1U Appliance | 1U Appliance | ATCA 1U, one blade | ATCA 3U, two blade | 1U Appliance |
| Power | AC 110V-220V input | AC 110V-220V input | 1. Dual DC -48V input 2. Dual AC 110V-220V input (with external PDU) | Dual AC 110-220V input | Dual AC 110-220V input |