Expecting a PDF?
We created this solution brief as a web page for better mobile optimization and accessibility. If you'd still like a PDF version of this use case, you can download it here:
Network Edge Management
For enterprise networks that manage multiple data centers and hybrid cloud environments, the integration of Check Point Next Generation Threat Prevention & SandBlast (NGTX) Appliances and/or Distributed Denial of Service (DDoS) Protector with Garland EdgeLens® In-line Security Network Packet Broker provides a fail-safe bypass TAP along with advanced filtering, aggregating, regeneration and load balancing functionality.
100% Network Visibility and Access
Through the integration with Garland Technology EdgeLens, Check Point NGTX and/or DDoS Protector products can be configured in serial (chaining) or in parallel (load balancing) to meet your network security needs for up to four in-line devices. The EdgeLens is a fail-safe bypass TAP with a built in network packet broker for complete management of the edge of your network. Deploy in-line security tools and out-of-band monitoring tools while gaining 100% network access and visibility.
Manage Multiple Inline Security Tools
The EdgeLens is a failsafe bypass TAP with a built in network packet broker for complete management of the edge of your network. Deploy inline security tools and out-of-band monitoring tools while gaining 100% network access and visibility.
When your 1G tools can no longer keep up with your 10G network or if you need to connect multiple tools to one network link, EdgeLens provides flexibility and scalability for your network needs.
• TAP once and connect in-line security appliances
• TAP a 1G/10G link and deliver data to 1G and 10G tools
• TAP a 10G link and deliver data to 1G and 10G tools
Chaining Up to Four Inline Security Devices
Chaining or serial deployment creates a unified visibility layer by connecting all security appliances to each other and to EdgeLens. In a chaining scenario, all network traffic enters EdgeLens; it then sends data packets through the in-line security appliance chain. Each appliance analyzes the data, after the data is cleared EdgeLens copies and stores it for forensics analysis. This full visibility allows administrators to monitor data packets both before and after they pass through the security stack while maintaining network efficiency.
Advanced Load Balancing Four Inline Security Devices
Advanced load balancing is a cost effective strategy when you have a 10G link and multiple 1G appliances. Here, you see an EdgeLens packet broker with 12 ports. Traffic comes in from the 10G link between a router and a switch and is copied to two outof-band solutions, a forensics application and Wireshark. The traffic is then load balanced across four separate 1G Check Point NGTXs.
Benefits for IT Security Teams
• Support up to four active, in-line tools and multiple out-of-band monitoring tools
• Chaining (or serial) configuration provides 100% visibility allowing each appliance to analyze data
• Advanced load balancing (or parallel) configuration is a cost effective solution to maximize your 1G NGFW or DDoS investment
• Query before and after packet capture stores to validate policy changes
• Complete visibility and real-time monitoring both in-line and out-of-band tools
• Take appliances off-line for updates, maintenance or trouble shooting
About Check Point
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. Check Point provides the most comprehensive and intuitive one point of control security management system.
Garland Technology and Check Point provide security and resiliency at the edge of your network. Looking to add this solution, but not sure where to start? Join us for a brief network Design-IT Demo or consultation. No obligation - it’s what we love to do.
Firewalls are the most recognized security tool for safeguarding your network and are a critical component of any security infrastructure. Firewalls..
Somedays, it feels like the whole internet is slowing down, or like the critical applications you use on a day-to-day basis aren’t responding...
Threat hunting is one of the few IT terms I've come across that probably sounds cool to people who aren't engineers. But cyber threat hunting is..