Intelligent CISO Issue 54 | Page 15

latest intelligence
WHITE PAPER

DEPLOYING AN INLINE SECURITY ARCHITECTURE : KEY CONSIDERATIONS

Deploying an Inline Security Architecture : Key Considerations
Introduction
The key to successful inline security monitoring is to enable traffic inspection and detection without impacting network and application availability . If one of your security tools becomes congested or fails , you need to keep traffic moving , continue monitoring , and prevent a network or application outage . Some organizations deploy their inline security appliances behind the firewall in a serial configuration . With this design , if an appliance becomes congested or fails , traffic stops . Redundant network paths can help avoid this , but they require twice the number of tools . Ensuring both paths can handle the full volume of traffic is expensive and leaves tools on the inactive path underutilized during normal operations .
To address these issues , many organizations are deploying an underlying security architecture that can ensure failsafe operation of key security appliances and solutions , and also help these solutions operate more efficiently . This paper describes key functions of a high-performing security architecture — one that protects network availability and ensures continued inspection of everything crossing your network .
Find us at www . ixiacom . com
Your security architecture should enable failsafe deployment and efficent operation of security tools .
Page 1
PRESENTED BY

iIntroduction

The key to successful inline security monitoring is to enable traffic inspection and detection without impacting network and application availability . If one of your security tools becomes congested or fails , you need to keep traffic moving , continue monitoring , and prevent a network or application outage . Some organizations deploy their inline security appliances behind the firewall in a serial configuration . With this design , if an appliance becomes congested or fails , traffic stops . Redundant network paths can help avoid this , but they require twice the number of tools . Ensuring both paths can handle the full volume of traffic is expensive and leaves tools on the inactive path underutilized during normal operations .
To address these issues , many organizations are deploying an underlying security architecture that can ensure failsafe operation of key security appliances and solutions , and also help these solutions operate more efficiently . This paper describes key functions of a high-performing security architecture – one that protects network availability and ensures continued inspection of everything crossing your network .
Deploying bypass switches and network packet brokers together in your security architecture enables untrusted traffic from the internet ( in red ) to be passed by the bypass switch to an NPB which aggregates , filters , and load balances the traffic across the security tools and solutions you use to monitor for threats and attacks . After inspection is complete , the now trusted traffic ( in green ) passes into the enterprise and on to its intended destination . u
DOWNLOAD WHITEPAPERS AT : WWW . INTELLIGENTCISO . COM / WHITEPAPERS www . intelligentciso . com
15