
Key to inline security success: 'Traffic inspection and detection', exec says

Protecting both network performance and security in an organisation requires a delicate balancing act, according to Ixia.

Jason Landry, senior solutions marketing manager at Ixia, believes the key to successful inline security monitoring is to enable traffic inspection and detection without affecting network and application availability.

“If one of your security tools becomes congested or fails, you still want to be able to keep traffic moving, continue monitoring, and prevent a network or application outage,” says Landry.

“This is more difficult if you deploy inline security appliances behind the firewall in a serial configuration, because the clogged appliance stops all traffic. You can overcome this with redundant network paths but they are expensive and can lead to wastage.”

Landry explains that the goal of a security fabric is to provide security tools with the specific type of traffic they are designed to monitor, regardless of where that traffic is in the network, with complete resiliency.

“This increases the effectiveness of analytics and security tools, and optimises their data access. A security fabric intuitively and intelligently routes and load-balances the right data to the right tools, every time,” he explains.

“A security fabric should include a bypass switch, which sends traffic back and forth to inline security tools located off the network, and network packet brokers that send traffic to specific tools for inspection and monitoring.”

Landry has identified a number of desirable features of a high-performing security fabric.

The first is network resilience that includes an external bypass switch, letting administrators maintain and fix tools without disrupting traffic flow or security monitoring.

Number two is tool visibility and efficiency. Landry says that tools need to aggregate traffic from multiple links and provide complete visibility to improve inspection and detection.

Two more key features are security resiliency and high availability. He explains that a modular security fabric lets organisations incrementally increase resilience over time to achieve very high uptime for security monitoring.

“Deploying an extended security fabric with redundant network packet brokers (NPBs) eliminates the packet broker as a single point of failure. This is known as active-active configuration, and is essential for environments that require full failover,” says Landry.

Other features include context-aware data processing, security intelligence processing and maximum return on security budget.

“Monitoring requires processing an exploding amount of data. Your security infrastructure must be strong enough to protect your assets and data, while being efficient enough to not impact network or application response time,” explains Landry.

“It should also let you monitor traffic everywhere in your network and offer context-aware intelligence to optimise tool performance, and self-healing resiliency to completely recover from any tool failure.”
