Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Upgrading Your Firewall? Its Time for an Inline Security Fabric

213 views

Published on

Ajay Pandey, Enterprise Solution Architect, APAC IXIA

Published in: Technology
  • The final result was amazing, and I highly recommend ⇒ www.HelpWriting.net ⇐ to anyone in the same mindset as me.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Have u ever tried external professional writing services like ⇒ www.HelpWriting.net ⇐ ? I did and I am more than satisfied.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Got a new Iphone 6 in just 7 days completing surveys and offers! Now I'm just a few days away from completing and receiving my samsung tablet! Highly recommended! Definitely the best survey site out there! ★★★ http://t.cn/AieXAuZz
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Upgrading Your Firewall? Its Time for an Inline Security Fabric

  1. 1. 1© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | UPGRADING YOUR FIREWALL? IT’S TIME FOR AN INLINE SECURITY FABRIC Ajay Pandey, MS(Boston), LL.B, CCIE #14792 (R&S/Sec), CISSP, CISA Enterprise Solutions Architect - APAC
  2. 2. 2© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | 106 / hour 66%Growth in information-based security incidents from 2014 to 20152 25%Chance that your organization will be breached over next 24 months3 $550kAverage cost of unplanned outage for enterprises, growing 15% annually2 Average number of malware hits1 1 ZK Research Study for Ixia, April 2016 ATTACKS CONTINUE TO RISE 2 Kaspersky Lab, Cost of Security Breaches, September 2015 3 Ponemon Institute, Data Breach Study, May 2015
  3. 3. 3© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Server Switch Switch Switch  Single points of failure  Administrative tension  Tools not used efficiently  Difficult to scale INLINE SECURITY IS EXPANDING
  4. 4. 4© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | • Increased risk of downtime • Upgrade disruption • Inefficient use of budget and limit on ROI • Difficult to scale • Incomplete security monitoring DISADVANTAGES OF CURRENT PRACTICES
  5. 5. 5© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch INCREASED RISK OF DOWNTIME
  6. 6. 6© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch Bypass Switches Bypass Switches ELIMINATE DOWNTIME FROM TOOL FAILURES Monitored Tool Links via Heartbeat Packets
  7. 7. 7© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch UPGRADE & MAINTENANCE DISRUPTIONS
  8. 8. 8© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch Bypass Switches Bypass Switches ELIMINATE UPGRADE / MAINTENANCE DISRUPTION Monitored Tool Links via Heartbeat Packets
  9. 9. 9© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch Bypass Switches Bypass Switches INEFFICIENT CAPACITY UTILIZATION
  10. 10. 10© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch MAXIMIZE CAPACITY USAGE Bypass Switch Bypass Switch Network Packet Broker (NPB) • Aggregate security tool capacity • Selectively route traffic to security tools Monitored Tool Links via Heartbeat Packets
  11. 11. 11© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch Bypass Switches Bypass Switches DIFFICULT TO SCALE CAPACITY
  12. 12. 12© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch SIMPLE CAPACITY SCALABILITY Bypass Switch Bypass Switch Network Packet Broker (NPB) • Aggregate security tool capacity • Selectively route traffic to security tools • Load balance traffic across security tools
  13. 13. 13© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Switch Server Switch Server Switch Switch SINGLE POINT OF FAILURE Bypass Switch Bypass Switch Network Packet Broker (NPB)
  14. 14. 14© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Inline Security Tool Farm Switch Server Switch Server Switch Switch Bypass Switch Bypass Switch High-Availability (HA) Network Packet Brokers HIGH AVAILABILITY IXIA SECURITY FABRICTM
  15. 15. 15© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Inline Security Tool Farm Switch Server Switch Server Switch Switch Bypass switch Bypass switch Out-of-band sandboxing CONNECT OUT-OF-BAND SECURITY TOOLS High-Availability (HA) Network Packet Brokers
  16. 16. 16© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | Reduce Network Downtime • Failsafe inline security deployments • HA configuration with no single points of failure Increase Tool Efficiency • Intelligent routing of traffic based on content • Load balancing reduces congestion and extends tool life Improve Inspection and Security Monitoring • Increase monitored network segments • Improve security resilience with HA configuration SUMMARY Benefits of Deploying Ixia Security Fabric
  17. 17. 17© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | CYBER RANGE SCENARIO EXAMPLE
  18. 18. 18© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | 18 BREAKINGPOINT PERFORMANCE #S (BANDWIDTH PER CHASSIS) 960Gbps Apps Throughput Applications 24Million TCP CPS Connection Rate 720 Capacity Million HTTP CC 12M SSL Capacity Concurrent SSL Flows 2.4M SSL CPS SSL Connection Rate 240 SSL Throughput Gbps SSL Throughput Performance in two-arm mode, With clients and servers simulated on same blade
  19. 19. 19© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. |
  20. 20. 20© 2016 IXIA AND/OR ITS AFFILIATES. ALL RIGHTS RESERVED. | THANK YOU

×