The days when firewalls alone could defend corporate networks are long gone.
Today, security architects are realizing that the most productive way to protect enterprise networks is to deploy active, in-line security appliances at the edge of the network for active blocking.
The problem is that there are many impressive specialized security solutions—but none of them can cover 100% of your security needs. Now, you need 3 or 4 security solutions, but how do you deploy that stack? A bypass TAP worked when you only had two in-line appliances between a switch and a router, but security needs are surpassing this use case.
Luckily, you can use the EdgeLens® to chain the edge and support 4 active, in-line devices for active blocking. Here’s how.
Imagine a scenario where you have two connections at the edge and a couple of connections to a DMZ or web server. You might have a bypass TAP here to hook up an intrusion prevention system (IPS), but management comes in and tells you that you need a DDoS appliance on that link, too. It won’t be long until you’re adding an SSL decryptor and a data leakage protection solution as well.
With so many active, in-line security appliances to deploy on one link, you have a couple of options:
These two ineffective connectivity strategies leave security architects needing a new answer.
Having all of these appliances stacked on a single link is a security architecture challenge that many professionals haven’t faced and, as a result, don’t have a strong strategy for. Chaining the edge with the EdgeLens network packet broker is the most efficient way to ensure network visibility and uptime in this situation.
The following EdgeLens use case is geared toward large, high-traffic enterprises (for example, in the retail or financial services industries):
The EdgeLens supports bypass mode for each in-line security appliance, which enables network troubleshooting and guarantees network uptime even in this complicated use case. In this scenario, if there are network performance issues, each appliance can be moved from active, in-line to passive, out-of-band to identify the problem area.
The new network reality is a hybrid network supporting internal business apps and cloud-based solutions—all of which function at the network’s edge. If you want to manage and secure these applications and solutions, you need a more efficient way to connect in-line and out-of-band devices.
To learn more about the new world of network edge management, download our free white paper, Managing the Edge of the Network: A New Necessity for Security Architects.