Story image

Key to inline security success: 'Traffic inspection and detection', exec says

15 Nov 16

Protecting both network performance and security in an organisation requires a delicate balancing act, according to Ixia.

That’s according to Jason Landry, senior solutions marketing manager at Ixia. He believes the key to successful inline security monitoring is to enable traffic inspection and detection without affecting network and application availability.

“If one of your security tools becomes congested or fails, you still want to be able to keep traffic moving, continue monitoring, and prevent a network or application outage,” says Landry.

“This is more difficult if you deploy inline security appliances behind the firewall in a serial configuration, because the clogged appliance stops all traffic. You can overcome this with redundant network paths but they are expensive and can lead to wastage.”

Landry explains that the goal of a security fabric is to provide security tools with the specific type of traffic they are designed to monitor, regardless of where that traffic is in the network, with complete resiliency.

“This increases the effectiveness of analytics and security tools, and optimises their data access. A security fabric intuitively and intelligently routes and load-balances the right data to the right tools, every time,” he explains.

A security fabric should include a bypass switch, which sends traffic back and forth to inline security tools located off the network, and network packet brokers that send traffic to specific tools for inspection and monitoring.”

Landry has identified a number of desirable features of a high-performing security fabric.

The first is network resilience that includes an external bypass switch, letting administrators maintain and fix tools without disrupting traffic flow or security monitoring.

Number two is tool visibility and efficiency. Landry says that tools need to aggregate traffic from multiple links and provide complete visibility to improve inspection and detection.

Two more key features being security resiliency and high availability. He explains that modular security fabric lets organisations incrementally increase resilience over time to achieve very high uptime for security monitoring.

“Deploying an extended security fabric with redundant network packet brokers (NPBs) eliminates the packet broker as a single point of failure. This is known as active-active configuration, and is essential for environments that require full failover,” says Landry.

Other features include context-aware data processing, security intelligence processing and maximum return on security budget.

“Monitoring requires processing an exploding amount of data. Your security infrastructure must be strong enough to protect your assets and data, while being efficient enough to not impact network or application response time,” explains Landry.

“It should also let you monitor traffic everywhere in your network and offer context-aware intelligence to optimise tool performance, and self-healing resiliency to completely recover from any tool failure.”

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”