Optimizing Cisco ASA / FirePOWER Upgrades Minimize downtime during security upgrades with an Ixia bypass switchMaintenance windows are precious. When it comes time to upgrade your ASA to a dedicated FirePOWER appliance, Ixia can help you minimize the time spent configuring a resilient path for FirePOWER upgrades. Installing an Ixia external bypass switch takes only about 4 minutes since it is already preconfigured for Cisco. Using the bypass switch in tap mode, traffic can still flow in your live network while also being replicated to the FirePOWER IPS. Once your IPS is configured, tested, and ready for deployment, it can be easily placed inline with no further network disruption. A typical IPS install can take anywhere from 2-4 hours. The benefit to network downtime from using an external bypass becomes significant when you have dozens of IPS upgrades.
White Paper: Plan Your Firewall Migration to Increase Security Resilience If you will be upgrading or migrating to a next generation firewall, take the opportunity to also review your overall security architecture. You spend significant time and money to implement, maintain, and upgrade your security infrastructure. Make sure your security tool architecture is designed to maximize value and efficiency. Limit the risk of downtime to your network. Keep your applications strong. All these benefits start with the simple addition of a bypass switch. For more advanced architectures, add a network packet broker. This paper examines how you can achieve these goals and implement a resilient security fabric—one that delivers a selfhealing, highly-available security architecture to complement your next-generation firewall (NGFW).
Taking the Risk and Cost Out of Security Upgrades Migrating to next-generation intrusion prevention systems (NGIPS) or other specialized security tools can be a costly proposition. It can also add risk. You will need to be ready for just about anything, and you can be, if you deploy new tools in tandem with external bypass switches, such as Ixia’s Intelligent Bypass (iBypass) solutions.Along with greater need to maintain high availability (HA), newer security devices deployed inline may also introduce single points of failure in that one failed appliance has the potential to bring down the entire link. Last but not least, the deployment itself may not go as planned, resulting in prolonged downtime and exposure and a too-costly use of precious maintenance windows.
Ixia iBypass: Avoid 5 Common Security Risks in One Easy Step With multi-million-dollar security breaches continuing to make headlines, businesses continue to invest in advanced security defenses—next-generation firewalls and intrusion prevention systems (NGFW and NGIPS), data leak prevention (DLP), distributed denial of service (DDoS) mitigation, and others. But along with the obvious challenge of having to manage the growing complexity, deploying multiple security elements inline can introduce new vulnerabilities and put availability at risk. Several of these can be overcome by installing a simple, low-cost device called a bypass switch along with new security elements. At the most basic level, a bypass switch adds a layer of protection against planned and unplanned events taking down security devices and entire network links. Bypass intelligence removes risk and cost during deployment and day-to-day operation, preventing vulnerabilities from arising as you build out your state-of-the-art security infrastructure.
Ixia Bypass Switches Overview of how using Ixia External Bypass Switches safeguards your networks. Learn more at http://www.ixiacom.com/products/bypass-switches
www.youtube.com Cisco Inline Security Resilience with Ixia Bypass Scaling FirePower Inline or Out – Doug Hurd, of Cisco Security, discusses how Ixia's Visibility Architecture helps get monitoring data to its FirePowerPlatform.Learn more at https://www.ixiacom.com/resources/cisco-and-ixia-extend-security-everywhere-more-visibility-and-control
www.youtube.com Case Study: Manufacturer Choose Bypass for Next-Gen Firewall STANDALONE BYPASS SUPPORTS FAIL-SAFE OPERATION OF CISCO SECURITY APPLIANCE After a demonstration that showed information leaving the company and going to China in an unsecure fashion, this Global 500 manufacturer of HVAC equipment and automotive devices received CFO approval to purchase the appliances necessary for inline security monitoring. They chose the Cisco ASA with FirePOWERTM for its advanced functionality, and the network team looked for a way to support real-time monitoring, while also protecting network availability. Ixia provided the solution they needed.
Solution Brief: 3 Ways to Improve Cisco FirePOWER Deployments with Ixia Bypass Solutions The costs, and downtime associated with breaches can seriously impact the bottom line, so companies continue to invest in a wide range of sophisticated security defenses. For example, solutions such as Cisco FirePOWER deliver threatfocused, next-generation intrusion prevention system (NGIPS) capabilities along with advanced malware protection (AMP) to enable continuous threat protection. While newer solutions can dramatically enhance security, the process of migrating to a new infrastructure may add complexity and introduce new challenges. These can include having to take links out of service during deployment, and to include external bypass to ensure resilience.
