Deploying Inline Intrusion Prevention Systems (IPS) with Bypass Switches Deploying Inline Intrusion Prevention Systems (IPS) with Bypass SwitchesAs a network professional, you rely on your instrumentation tools to maintain network security, performance and availability. To achieve these goals, organizations use Intrusion Prevention Systems (IPS) that monitor and actively intervene they detect malicious traffic and threats.Manage Network Downtime and Points of Failure when Deploying Inline ToolsWhen deploying inline IPS or IDS monitoring tools, it is important to understand how they may introduce a potential failure point in your network. If the device needs to be taken offline at any time for scheduled or unscheduled maintenance; or if it loses power or becomes non-responsive due to oversubscription or excessive load, the network link will be broken and network traffic will cease to flow. IPSs are designed for maximum reliability, with features such as redundant configurability, link down synchronization, and hardware watchdogs. However, any internal fail-open capability is susceptible to the failure of the IPS device itself. Utilizing a Net Optics Bypass Switch provides an external and independent solution to maintain network uptime.
Data Sheet: Ixia Net Optics iBypass 40Gb Ixia Net Optics iBypass 40Gb is an intelligent bypass switch that provides the inline tool it protection of the network links with inline deployments. The iBypass 40Gb augments network-monitoring capability through the use of microsecond resolution heartbeat packets, SNMP Traps, field upgradable software, and an easy-to-use Web UI.
Cisco Inline Security Resilience with Ixia Bypass Scaling FirePower Inline or Out – Doug Hurd, of Cisco Security, discusses how Ixia's Visibility Architecture helps get monitoring data to its FirePowerPlatform.Learn more at https://www.ixiacom.com/resources/cisco-and-ixia-extend-security-everywhere-more-visibility-and-control
www.youtube.com Case Study: Manufacturer Choose Bypass for Next-Gen Firewall STANDALONE BYPASS SUPPORTS FAIL-SAFE OPERATION OF CISCO SECURITY APPLIANCE After a demonstration that showed information leaving the company and going to China in an unsecure fashion, this Global 500 manufacturer of HVAC equipment and automotive devices received CFO approval to purchase the appliances necessary for inline security monitoring. They chose the Cisco ASA with FirePOWERTM for its advanced functionality, and the network team looked for a way to support real-time monitoring, while also protecting network availability. Ixia provided the solution they needed.
Solution Brief: 3 Ways to Improve Cisco FirePOWER Deployments with Ixia Bypass Solutions The costs, and downtime associated with breaches can seriously impact the bottom line, so companies continue to invest in a wide range of sophisticated security defenses. For example, solutions such as Cisco FirePOWER deliver threatfocused, next-generation intrusion prevention system (NGIPS) capabilities along with advanced malware protection (AMP) to enable continuous threat protection. While newer solutions can dramatically enhance security, the process of migrating to a new infrastructure may add complexity and introduce new challenges. These can include having to take links out of service during deployment, and to include external bypass to ensure resilience.
White Paper: Plan Your Firewall Migration to Increase Security Resilience If you will be upgrading or migrating to a next generation firewall, take the opportunity to also review your overall security architecture. You spend significant time and money to implement, maintain, and upgrade your security infrastructure. Make sure your security tool architecture is designed to maximize value and efficiency. Limit the risk of downtime to your network. Keep your applications strong. All these benefits start with the simple addition of a bypass switch. For more advanced architectures, add a network packet broker. This paper examines how you can achieve these goals and implement a resilient security fabric—one that delivers a selfhealing, highly-available security architecture to complement your next-generation firewall (NGFW).
White Paper: Architecting for Security Resilience Continuous investment is what drives today’s network security. Threats evolve rapidly so enterprises must add, maintain, and upgrade their frontline security multiple times per year. What was once a firewall now also includes a next-gen firewall, web-application firewall (WAF), intrusion detection and prevention system, forensics tools and more. You purchase security tools to protect your network, but what have you done to protect your tools?
White Paper: Ixia 360 Degree Security When it comes to security, the industry focuses primarily on layers of defense against cyber-attacks. While a good defense is essential, it crumbles under pressure when not balanced with a good offense. Testing and training against realistic loads and cyberattacks before a product or service is deployed uncovers performance and security issues early. Prevent attacks from occurring in the first place and your operational costs will drop. Discovering vulnerabilities at earlier stages is much less expensive for both your products and your business.
Buying Guide: Which Bypass Belongs in Your Network Choosing the Right iBypassBypass Switches are in-line devices that provide fail-safe protection for in-line security and monitoring devices, such as an Intrusion Prevention System (IPS), Web Application Firewalls (WAFs), and many others. Ixia offers a wide array of different iBypass switch products that handle different high availability features, speeds, and media types. If you are looking to deploy any tools inline please read on to find the right iBypass product for your deployment.
Ixia Bypass Switches Overview of how using Ixia External Bypass Switches safeguards your networks. Learn more at http://www.ixiacom.com/products/bypass-switches
www.youtube.com Case Study: University Of Texas
Data Sheet: Ixia Net Optics iBypass 40-10
Data Sheet: Ixia Net Optics iBypass HD
Data Sheet: Ixia Net Optics iBypass 1Gb Fiber Ixia Net Optics iBypass 1Gb Fiber switch with Heartbeat technology protects against power, link, and application loss. The iBypass switch features remote interfaces that allow remote switching and provide access to baseline traffic statistics, including utilization levels from anywhere in the network.
Data Sheet: Ixia Net Optics iBypass 10Gb Fiber Ixia Net Optics iBypass 10Gb Fiber is designed for inline fail-safe link protection against power, link, and application loss. The iBypass switch features remote interfaces that allow remote management and access and provide traffic statistics, iBypass state, and Heartbeat packet configuration.
