What is the difference, and how can both approaches be used to create a next generation security posture?
Cast your mind back to when the Millennium Bug was destined to drop planes from the skies, traffic lights were mysteriously going to cease to operate and cars would run into each other like a scene in a post-apocalyptic horror movie. This was about the same time that the majority of internet-related breaches were stopped by routers with ACLs, firewalls and good antivirus software.
Then came some smart tools that were fed from SPAN/Mirror ports, looked for traffic matching signatures and rules deemed to be threatening, and triggered alarms for investigation/remediation.
This is what is known as Passive Security. Passive Security is where tools receive a copy of network data and can either store it or alert when a potential breach or anomaly occurs on the network. Passive security has also moved on from having tools installed on SPAN or MIRROR ports to the use of Network TAPs and Network Packet Brokers.
Network Test Access Ports (TAPs) enable a copy of network data to be directed to your tools without risk of dropping packets or over-subscription of your SPAN port (think of trying to run an 80% utilised FDx link out through an HDx SPAN port!). Packet Brokers are also a part of the visibility fabric of the network; they are usually deployed in conjunction with TAPs or from SPAN ports and allow additional features including aggregation, regeneration, de-duplication, media conversion, filtering etc.

Packet Brokers have been an important phase in the evolution of network security monitoring. They have not only helped to drastically reduce the cost of deploying passive tools, they also let you replicate data to many tools (alleviating SPAN contention issues), aggregate feeds into fewer tools, and take the load off analysis tools by providing packet de-duplication and filtering.
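To make the de-duplication feature mentioned above concrete, here is an added example (not code from Ixia or from the original post) of how a copy of the same packet seen at two tap points can be dropped before it reaches an analysis tool. It assumes raw IPv4 packets, ignores the TTL and header checksum because they change at every routed hop, and uses a hypothetical 50 ms window; `make_packet`, `Deduplicator` and the sample feed are constructed for illustration.

```python
import hashlib
import struct
from collections import OrderedDict


def fingerprint(ip_packet: bytes) -> bytes:
    """Hash an IPv4 packet with the hop-variant fields zeroed."""
    ihl = (ip_packet[0] & 0x0F) * 4          # header length in bytes
    header = bytearray(ip_packet[:ihl])
    header[8] = 0                            # TTL drops by one per routed hop
    header[10:12] = b"\x00\x00"              # checksum changes with the TTL
    return hashlib.sha256(bytes(header) + ip_packet[ihl:]).digest()


class Deduplicator:
    """Forward a packet only if no identical copy was seen within window_s."""

    def __init__(self, window_s: float = 0.050):  # assumed window, tune per site
        self.window_s = window_s
        self.seen = OrderedDict()            # fingerprint -> first-seen time

    def accept(self, ts: float, ip_packet: bytes) -> bool:
        # Expire fingerprints older than the window, oldest first.
        while self.seen:
            _, first_ts = next(iter(self.seen.items()))
            if ts - first_ts <= self.window_s:
                break
            self.seen.popitem(last=False)
        fp = fingerprint(ip_packet)
        if fp in self.seen:
            return False                     # copy already forwarded to the tool
        self.seen[fp] = ts
        return True


def make_packet(ttl: int, ident: int, payload: bytes) -> bytes:
    """Constructed IPv4 test packet; the checksum is a dummy tied to the TTL."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                       ttl, 17, ttl, bytes([192, 0, 2, 10]),
                       bytes([198, 51, 100, 20])) + payload


def demo() -> list:
    dedup = Deduplicator()
    feed = [  # (timestamp in seconds, packet): constructed, not captured traffic
        (0.000, make_packet(64, 1, b"login")),  # seen at tap A
        (0.002, make_packet(63, 1, b"login")),  # same packet one hop later, tap B
        (0.010, make_packet(64, 2, b"login")),  # new IP ID, a different packet
        (0.200, make_packet(64, 1, b"login")),  # outside the window
    ]
    return [dedup.accept(ts, pkt) for ts, pkt in feed]
```

The window matters for monitoring accuracy: too long and legitimately repeated packets are hidden from the IDS, too short and duplicates from distant tap points slip through and inflate tool load.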

No sooner were enterprises comfortable with the results of their forensic and IDS systems than the desire naturally came to block threats and to stop sensitive documents from being leaked outside of the organisation, or stolen. Because these tools need to be an integral part of the data flow, they now had to be deployed inline to be able to do their job.
The use of inline tools is commonplace in enterprise networks, as we need to protect against a wide variety of attacks and data leakage originating from both internal and external sources.

Once you start to consider deploying inline tools, then there are many things you must consider as these tools now become a ‘bump in the wire’ and are critical to the flow of data through your network:
These challenges are easily overcome with the use of Ixia Network Packet Brokers and Ixia Bypass TAPs, which also provide you with a much more resilient inline security infrastructure and an improved security posture. We can also deploy these in a high availability configuration to retain network resilience.

This diagram shows how, using Ixia’s Bypass solutions combined with Packet Brokers, you can take inline tools and deploy them strategically and safely, by taking them away from the critical fault domain whilst retaining their ability to protect and stop attacks just as they were deployed to do. Please view this video to understand how Bypass solutions should be deployed:
More information on Ixia’s range of solutions and a link to some in our online shop can be found here:
https://irisnetworks.co.uk/products/ixia/taps-packet-brokers/
Or via Ixia’s site here:
https://www.ixiacom.com/solutions/network-security
Iris Networks carry the complete range of solutions for Ixia. Should you wish to discuss your requirements in more detail, please call us on 01925 357770 or email [email protected]
Thank you to Ixia for use of content for purposes of this blog.

