Why Security Tools Need Inline Bypass

Optimize Resiliency, Performance, Security and Cost

Inline security tools — Web Application Firewalls (WAFs), Intrusion Prevention Systems (IPS) and Advanced Threat Protection (ATP) — are vital for securing your network, but can create their own problems, such as:
• They represent network points of failure.
• When an inline tool loses power, has a software failure or is taken off line for maintenance, critical applications can be stopped in their tracks.
• When network traffic peaks and security is most critical, inline tools can become bottlenecks that degrade application performance.
Fortunately, there’s an easily deployed, cost-effective solution: The Inline Bypass feature found in the GigaSECURE® Security Delivery Platform (GigaSECURE), the next-generation network packet broker purpose-built for security. Without much effort, Inline Bypass lets you:
• Prevent inline security tools from becoming single points of failure.
• Efficiently distribute network traffic across security devices, helping you avoid the high costs from purchasing large systems for every network link.
You can also make intelligent trade-offs between network performance and security,
such as:
• Choosing to inspect high-risk traffic while bypassing traffic for which lower latency is critical.
• Deploying security tools in out-of-band detection mode so they don’t affect network latency, but then, when an attack is detected, easily switching them into inline protection mode to block malicious activity in real time.

Keep Traffic Up and Running

Security tools sometimes go offline because of power outages, software and hardware failures, maintenance and replacement. GigaSECURE monitors your tools’ health and performance with bidirectional heartbeat packets. Then, when a tool does go offline or is overwhelmed by spikes in network traffic, GigaSECURE can bypass the tool and keep critical application traffic up and running.

Benefit from Next-Gen Capabilities

Your inline security tools’ limited traffic capacities may fall below the bandwidth of the network
traffic that needs inspection. Furthermore, as networks evolve from 10Gb to 40Gb and 100Gb,
deploying tools with matching high-speed interfaces may break limited budgets.
Here too GigaSECURE has you covered by distributing inline traffic across your security tools.
Not only does distribution increase your overall inspection capacity, but it also scales older,
lower-speed tools to secure higher-speed networks, improving your ROI.