Post on 02-Jan-2016
Net Optics Confidential and Proprietary
Bypass Switches
Intelligent Access and Monitoring Architecture Solutions
Network Security Trends
Table 1: Types of external agents by percent of breaches
Organized criminal group 24%
Unaffiliated person(s) 21%
External system(s) or site 3%
Activist Group 2%
Former Employee 2%
Another Organization 1%
Competitor 1%
Customer 1%
Unknown 45%
Source: Verizon security survey, http://www.verizonbusiness.com/resources/reports/rp_2010-DBIR-combined-reports_en_xg.pdf
The Security Monitoring Access Challenge
Deploy today’s sophisticated security and compliance monitoring tools in-line in the network while minimizing the risk of downtime
IPS
DLP
WAF
DAM
APM
NGF
The Bypass Switch Solution
Bypass switches provide fail-safe ports for in-line security devices. When security devices fail, the Bypass switch can automatically restore connectivity by bypassing the security devices.
• Provides peace of mind when deploying new technology in-line
• Protects against power, link, and application failure
• Flexibility for testing, upgrades, and moves
• Fully passive – when Bypass Switch loses power, the link is still up
Normal Operation (Bypass Off)
Key Features
• Supports speeds from 10Mbps to 10Gbps
• Bypass switch configurations:
– Basic – 4 Ports
– High Density – up to 32 Ports
• Heartbeat and Link Fault detection
– Identify application failure
– Identify device failure
– Detect link anomalies
• RMON statistics
• Remote management via CLI and Web GUI (on select models)
Bypass Switch Interface
10GigaBit iBypass Switch
Bypass Function Triggers
• Loss of link between Bypass Switch and tool
o Tool maintenance or redeployment
• Power loss to the Bypass Switch
• Heartbeat failure
o Power loss to the tool
o Tool dropping packets due to oversubscription
o Tool processing packets too slowly
o Tool software hung
o Tool hardware failure
Supports Fail Open and Fail Closed
Fail Open vs. Fail Closed
Bypass switches provide fail-safe ports for in-line security devices
IPS Failure (Bypass On – Fail OPEN)
IPS Failure (Bypass On – Fail CLOSED)
The Need for High Availability Monitoring
• If Bypass Switch fails OPEN to traffic, can you tolerate passing traffic without monitoring while a tool is down?
– Intrusions and other attacks
– Data loss
– Compliance issues
• If Bypass Switch fails CLOSED to traffic, can you tolerate link down while a tool is down?
– Loss of mission-critical applications
– Customers cannot be serviced
– $$$$$ impact
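An added example (not Net Optics code) that models the bypass triggers and the fail-open versus fail-closed trade-off described above over a constructed 21-second timeline, reporting how long traffic skips the tool and how long the link is down in each mode. The three-missed-heartbeat threshold, one-second ticks, immediate recovery and all names are assumptions of this sketch.

```python
from dataclasses import dataclass
from enum import Enum

class FailMode(Enum):
    OPEN = "fail-open"       # on tool failure, bypass the tool and keep the link up
    CLOSED = "fail-closed"   # on tool failure, take the link down

class Path(Enum):
    INLINE = "inline"        # traffic passes through the in-line tool
    BYPASS = "bypass"        # traffic skips the tool
    LINK_DOWN = "link-down"  # traffic is blocked

@dataclass(frozen=True)
class Tick:
    """Switch inputs for one interval (assumption: 1 tick = 1 second)."""
    switch_power: bool = True
    tool_link: bool = True
    heartbeat_ok: bool = True     # heartbeat packet came back from the tool
    forced_bypass: bool = False   # manual (forced) Bypass On

MISSED_LIMIT = 3  # assumption: consecutive missed heartbeats before tripping

def simulate(ticks, mode):
    """Return the data path chosen for each tick."""
    missed, paths = 0, []
    for t in ticks:
        ok = t.heartbeat_ok and t.tool_link   # no link means no heartbeat
        missed = 0 if ok else missed + 1
        if not t.switch_power or t.forced_bypass:
            # Passive relays keep the link up when the switch loses power.
            paths.append(Path.BYPASS)
        elif not t.tool_link or missed >= MISSED_LIMIT:
            paths.append(Path.BYPASS if mode is FailMode.OPEN else Path.LINK_DOWN)
        else:
            paths.append(Path.INLINE)
    return paths

def exposure(ticks, mode):
    """Seconds spent bypassing the tool and seconds with the link down."""
    paths = simulate(ticks, mode)
    return {"bypassed_s": paths.count(Path.BYPASS),
            "link_down_s": paths.count(Path.LINK_DOWN)}

# Constructed timeline: healthy, tool hung, tool link pulled, switch power loss.
SAMPLE = ([Tick()] * 5 + [Tick(heartbeat_ok=False)] * 6 + [Tick()] * 2
          + [Tick(tool_link=False)] * 3 + [Tick()] * 2
          + [Tick(switch_power=False)] * 2 + [Tick()])

if __name__ == "__main__":
    for m in FailMode:
        print(m.value, exposure(SAMPLE, m))
```

In the sample, the first two seconds of the hung-tool window still send traffic in-line because the heartbeat threshold has not yet been reached; that detection lag is the cost of tolerating occasional heartbeat loss.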
Tap Mode While Bypassing
• Bypass Switch acts as a full-duplex breakout Tap while in Bypass ON mode (can be set via trigger or manually)
– Use IPS as IDS to test new signature sets
– Use as Tap when you don’t need a Bypass Switch
Fiber Copper
Half-duplex mirrored traffic
Redundant Tools Protect Against Tool Failure
Redundant Links Protect Against Link Failure
Redundant Tools and Links Together
iBypass HD – Redundant Links & Tools
• Net Optics iBypass HD — High Density, eight Bypass Switches in a 1U appliance
• Four Dual Bypass Modules (DBMs)
o Configure DBM as two independent Bypass Switches
o Configure DBM as a single HA Bypass Switch with Tool redundancy and/or Link redundancy
o Configure as a Bypass Switch plus a Tap
iBypass HD Features
• Manual (forced) Bypass On mode
– Take tool offline immediately in case of emergency
• Acts as a Tap when traffic is bypassing the tool
– Test signature set out in IDS mode
• Dual Heartbeat packets check both directions of data flow
• Link Fault Detection (LFD) — fault mirroring across Link
• Bypass Detection — signals tool that bypass is engaged
• Fail-open and fail-closed modes
• Remote monitoring (RMON) traffic statistics
• RADIUS and TACACS+ authentication and authorization
• Dual hot-swappable AC or DC redundant power supplies
Fiber Copper
Summary - Bypass Switch Benefits
• Protects links with IPSs and other in-line security monitoring tools against
– Power failure (IPS or bypass switch)
– Tool failure (hardware, software hangs or slowdowns)
• Increases solution reliability by independently checking the IPS and supporting High Availability (HA) network architectures
• Provides capability to take tools offline instantly when problems occur
• Provides flexibility to remove IPSs without interrupting link traffic; also flexibility to use as Taps
• Increases traffic visibility with RMON traffic statistics and remote manageability
10GigaBit iBypass Switch
Net Optics, Inc.
www.netoptics.com
408.737.7777
Thank You!