Net Optics Confidential and Proprietary

Bypass Switches

Intelligent Access and Monitoring Architecture Solutions




Network Security Trends

Table 1: Types of external agents by percent of breaches

Organized criminal group 24%

Unaffiliated person(s) 21%

External system(s) or site 3%

Activist Group 2%

Former Employee 2%

Another Organization 1%

Competitor 1%

Customer 1%

Unknown 45%

Source: Verizon security Survey http://www.verizonbusiness.com/resources/reports/rp_2010-DBIR-combined-reports_en_xg.pdf


The Security Monitoring Access Challenge

Deploy today’s sophisticated security and compliance monitoring tools in-line in the network while minimizing the risk of downtime

IPS

DLP

WAF

DAM

APM

NGF


The Bypass Switch Solution

Bypass switches provide fail-safe ports for in-line security devices. When security devices fail, the Bypass switch can automatically restore connectivity by bypassing the security devices.

• Provides peace of mind when deploying new technology in-line

• Protects against power, link, and application failure

• Flexibility for testing, upgrades, and moves

• Fully passive – when Bypass Switch loses power, the link is still up

Normal Operation (Bypass Off)


Key Features

• Supports speeds from 10Mbps to 10Gbps

• Bypass switch configurations:

– Basic - 4 Ports

– High Density – up to 32 Ports

• Heartbeat and Link Fault detection

– Identify application failure

– Identify device failure

– Detect link anomalies

• RMON statistics

• Remote management via CLI and Web GUI (on select models)


Bypass Switch Interface

10GigaBit iBypass Switch


Bypass Function Triggers

Loss of link between Bypass Switch and tool

o Tool maintenance or redeployment

Power loss to the Bypass Switch

Heartbeat failure

o Power loss to the tool

o Tool dropping packets due to oversubscription

o Tool processing packets too slowly

o Tool software hung

o Tool hardware failure

Supports Fail Open and Fail Closed


Fail Open vs. Fail Closed

Bypass switches provide fail-safe ports for in-line security devices

IPS Failure (Bypass On – Fail OPEN)

IPS Failure (Bypass On – Fail CLOSED)


The Need for High Availability Monitoring

• If Bypass Switch fails OPEN to traffic, can you tolerate passing traffic without monitoring while a tool is down?

– Intrusions and other attacks

– Data loss

– Compliance issues

• If Bypass Switch fails CLOSED to traffic, can you tolerate link down while a tool is down?

– Loss of mission-critical applications

– Customers cannot be serviced

– $$$$$ impact
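
A minimal model of the trigger logic from the "Bypass Function Triggers" and "Fail Open vs. Fail Closed" slides, added here as an illustration; it is not Net Optics code. The three-miss heartbeat threshold, the automatic return to in-line once heartbeats resume, and all names are assumptions.

```python
from dataclasses import dataclass
from enum import Enum

class Path(Enum):
    INLINE = "traffic passes through the tool"
    BYPASS = "traffic goes around the tool, unmonitored"
    LINK_DOWN = "network link dropped"

@dataclass
class BypassModel:
    fail_open: bool = True   # False models fail-closed
    miss_limit: int = 3      # assumed: consecutive lost heartbeats before tripping
    forced: bool = False     # manual (forced) Bypass On
    missed: int = 0

    def _trip(self):
        # The configured failure mode decides what a trigger does to the link.
        return Path.BYPASS if self.fail_open else Path.LINK_DOWN

    def tick(self, power=True, tool_link=True, hb_fwd=True, hb_rev=True):
        """Evaluate one heartbeat interval and return the resulting path."""
        if not power:
            # Passive design: an unpowered switch keeps the link up.
            # Assumed to hold in fail-closed mode too; the slides do not say.
            return Path.BYPASS
        if self.forced:
            return Path.BYPASS
        if not tool_link:
            return self._trip()
        if hb_fwd and hb_rev:    # heartbeats must return in both directions
            self.missed = 0
            return Path.INLINE
        self.missed += 1
        return self._trip() if self.missed >= self.miss_limit else Path.INLINE

def simulate(fail_open, timeline):
    """Run a list of per-interval conditions through a fresh model."""
    model = BypassModel(fail_open=fail_open)
    return [model.tick(**interval) for interval in timeline]

# Constructed timeline: healthy, tool hangs (one direction stops answering)
# for three intervals, tool recovers, then the bypass switch loses power.
TIMELINE = [{}, {"hb_rev": False}, {"hb_rev": False}, {"hb_rev": False},
            {}, {"power": False}]

if __name__ == "__main__":
    for mode in (True, False):
        print("fail-open " if mode else "fail-closed",
              [p.name for p in simulate(mode, TIMELINE)])
```

The intervals where the fail-open run reports BYPASS are the windows in which traffic flows without inspection, so they are the ones to alert on.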


Tap Mode While Bypassing

• Bypass Switch acts as a full-duplex breakout Tap while in Bypass ON mode (can be set via trigger or manually)

– Use IPS as IDS to test new signature sets

– Use as Tap when you don’t need a Bypass Switch

Fiber Copper

Half-duplex mirrored traffic


Redundant Tools Protect Against Tool Failure


Redundant Links Protect Against Link Failure


Redundant Tools and Links Together


iBypass HD – Redundant Links & Tools

• Net Optics iBypass HD — High Density, eight Bypass Switches in a 1U appliance

• Four Dual Bypass Modules (DBMs)

o Configure DBM as two independent Bypass Switches

o Configure DBM as a single HA Bypass Switch with Tool redundancy and/or Link redundancy

o Configure as a Bypass Switch plus a Tap


iBypass HD Features

• Manual (forced) Bypass On mode

– Take tool offline immediately in case of emergency

• Acts as a Tap when traffic is bypassing the tool

– Test signature set out in IDS mode

• Dual Heartbeat packets check both directions of data flow

• Link Fault Detection (LFD) — fault mirroring across Link

• Bypass Detection — signals tool that bypass is engaged

• Fail-open and fail-closed modes

• Remote monitoring (RMON) traffic statistics

• RADIUS and TACACS+ authentication and authorization

• Dual hot-swappable AC or DC redundant power supplies

Fiber Copper


Summary - Bypass Switch Benefits

• Protects links with IPSs and other in-line security monitoring tools against

– Power failure (IPS or bypass switch)

– Tool failure (hardware, software hangs or slowdowns)

• Increases solution reliability by independently checking the IPS and supporting High Availability (HA) network architectures

• Provides capability to take tools offline instantly when problems occur

• Provides flexibility to remove IPSs without interrupting link traffic; also flexibility to use as Taps

• Increases traffic visibility with RMON traffic statistics and remote manageability

10GigaBit iBypass Switch


Net Optics, Inc.

www.netoptics.com

408.737.7777

Thank You!