Modern enterprises rely on high-speed networks to increase productivity, find innovative solutions and enhance collaboration.
However, these increased network data rates and resulting network upgrades can have major consequences for security administrators – especially those who rely on best-of-breed inline threat prevention tools.
Gigamon, the company leading the convergence of security and network operations, is offering a solution to this conundrum with its inline bypass threat prevention.
Part of the GigaSECURE Security Delivery Platform – a next-generation network packet broker that has been purpose-built for security – the inline bypass tool aims to increase security without compromising network availability.
It works by enabling operational staff to select and distribute specific traffic of interest across multiple inline security tools.
Here, Sam Kumarsamy, Senior Product Marketing Manager at Gigamon, outlines the main implications of introducing more data over faster networks as well as the key benefits of the inline bypass functionality.
How serious are the security implications of the introduction of more data over faster networks?
When you introduce more data over faster networks such as 10GB, 40GB and 100GB, your existing security tools may not have the capacity to handle these high speeds and therefore will not be able to analyse all of the network traffic for threats.
This also results in the degradation of the security tools' performance and renders them ineffective. The end result is that not all the hidden threats in the high-speed networks are detected.
Why should organisations not rely on inline tools?
Inline tools (as shown in the provided diagram) present the following challenges for both network and security teams:
- Introduces multiple points of failure
- Physical interfaces must match the network
- Degrades network and application performance
- Wastes cycles on traffic it cannot analyse
- Does not scale to network speeds
- Disruptive to upgrade or replace
- Cannot be moved to or from out-of-band operation (detection vs prevention)
What are the advantages of the platform increasing network visibility?
By providing pervasive network visibility across public cloud (Amazon AWS and Microsoft Azure), private cloud (OpenStack), virtualised and physical environments, the GigaSECURE SDP maximises the security tools' efficacy and results in a more simplified and effective security architecture with an improved security posture.
How easily does the platform fit into existing IT environments?
The platform fits passively into the existing IT environments.
What are the advantages of the platform only sending traffic to the security tool it actually needs?
By sending only the traffic the security tools need, you gain the following advantages:
- Increased tool efficiency (reduces tool costs by 10 times and saves 50% on time spent on tools)
- Eliminates waste cycles on traffic it cannot analyse
- Eliminates the costly need to upgrade an existing security tool
What are the most important security benefits the GigaSECURE Security Delivery Platform offers to organisations?
GigaSECURE Security Delivery Platform is able to collect, aggregate, pre-filter and decrypt data from all round the network and even the cloud. It then delivers just the right data to just the right security tools as well as being used for network and application performance monitoring tools.
On the left-hand side (see the GigaSECURE SDP diagram below) you can see that the connections for this security platform provide pervasive visibility across an on-premise data centre, remote site, a virtualised infrastructure and public cloud.
This new configuration gives security solutions broad network visibility, generation of and access to metadata, application session filtering and SSL traffic decryption as well as fault tolerance and scale.
The results are a more effective security architecture with an improved security posture. That is the transformative power of a GigaSECURE Security Delivery Platform.
The GigaSECURE Security Delivery Platform
The integrated physical and logical inline bypass capability is a key component of the GigaSECURE Security Delivery Platform that enables security administrators to simultaneously maximise threat prevention, security resilience and network uptime.
Using this approach, security architects can stop tool sprawl, cut tool costs and significantly shorten the time required to roll out threat prevention initiatives in their organisation.