Optimize Inline Tool Performance
Challenge: How to optimize inline tool performance to ensure threat protection?
After recent data breaches for some of our critical links. Our CIO tasked the security team to reduce our overall MTTR after such incidents.
Mean time to repair / resolution (MTTR) is a measure of troubleshooting as the average time required to repair a failed component or device. Higher MTTRs means that more time and resources are taken for the network to recover from a problem, while a lower MTTR reflects the better off a business network may be.
We had our IPS and firewalls deployed and we thought were blocking any potential threats. Our question was, why were we missing threats? We need complete visibility into malicious web application activity in their network, and was lacking the ability to trouble-shoot if their IPS tools were configured properly to address this issue.
Before and After Optimization & Validation
Adding packet capture and storage capabilities to your inline deployment, provides the next evolution of active blocking. If you experience a breach, now you have data for historical look back built-in, for look back forensics or before and after optimization.
Analyze packet data before and after your inline device to ensure optimal tool performance to validate any updates or troubleshoot why threats weren’t blocked.
Garland’s EdgeLens line of bypass TAP packet broker hybrids, provides visibility to out-of-band packet capture, storage and analysis tools the traffic from your inline IPS, Firewalls and WAFs. Capturing traffic before it goes into the inline tool and after, allows you to send both copies of data to out-of-band packet capture, storage and analysis tools. This solution allows you to analyze your inline device to see if it is configured properly or if it may be missing the threat.
• Provide easy to correlate events generated by IPS/NGFW PCAP data
• Enable real-time security proof-of-concept evaluations without impacting the network
• Validate changes or updates that your tool is configured properly
• Increase efficiency of inline and out-of-band tools
• Reduce network downtime, with inline lifecycle management