Going Inline: The Blunt Truth
Going inline to protect your network sounds like a secure move, but it’s one that comes with unseen pitfalls that may create issues later if not accounted for at the early stages of a network deployment.
Why Go Inline at All?
Not having your security tools inline protecting your network seems out of the question, since just monitoring your network for threats and then taking action based on that information practically requires you to have three pairs of hands and two pairs of eyes — not to mention a quantum brain. And that may still not be enough with the number of threats present on the internet.
Go Inline or Go Home
Going inline with security tools is a standard practice that provides your network with first-level defense. If the network doesn’t have a firewall or an intrusion prevention system (IPS) in place, then it may as well be a home network, even if the routers have a built-in firewall.
Duh! It’s Easy — Just Tap the Link
While going inline might be as simple as literally breaking your uplink into two wires and plugging those into your security tool, this can unleash unseen forces that may not let the Force be with you later.
Let’s take a deeper look at how to make sure these forces never awaken.
Never Go Just Inline
This doesn’t mean you shouldn’t deploy your security tools inline — rather, it means don’t deploy them without a next-generation network packet broker (NGNPB). This not only provides an additional layer between your network and security, but it also ensures a reliable, high performance network.
How Is It Different?
Just like a firewall is designed to keep the threats out of the network or a switch is designed to switch frames between hops, similarly, an NGNPB is designed to ensure that your inline security solutions are deployed with ease.
An NGNPB sits between your network and your security tools and provides an additional layer of peace of mind. It will not only provide a good base for network deployments at an early stage, but also keep things running smoothly as the network grows.
What Can It Do for Me?
An NGNPB will provide you an additional control of the traffic that’s flowing in your network and the traffic that’s going to your tools. Let’s take a look at it visually to get a better picture.
With an NGNPB handling inline traffic, you now have full control of how your traffic flows to your individual tools. It can keep track of tools’ health and bypass a tool if needed to protect your network uptime.
Not only that, it can also help you bring back from the closet old tools that became unusable after your network upgrade. Now you can have a 40G network and still put a 10G tool inline by sending it only the traffic it can handle. Not only is your network availability amplified, but your security tools can also perform at higher efficiency.
And it doesn’t stop there. An NGNPB can cater to all of your out-of-band traffic needs in the same place as well. Imagine doing SSL decryption, removing duplicates or slicing headers for your security tools to make them more efficient — all in one stop.
Consider a real-world scenario — without an NGNPB in place — in which a new security tool needs to be tested inline. Imagine the number of maintenance windows that would need to be scheduled just to physically put the tool in place. Then imagine the windows of off-business hours and the number of people involved to test this tool. Without an NGNPB, the mean time to bring an inline tool online varies from days to weeks, at least.
Now imagine that scenario with an NGNPB in place. Bringing a new security tool online becomes as simple as plugging it into the NGNPB and powering it up. The rest of the setup can be done through the NGNPB without any downtime or interruptions, reducing deployment time from days to as little as 15 minutes. (This statistic is from a real-life SecOps team.)
In a nutshell, deploying inline solutions can be a big headache, but with help of an NGNPB it becomes a breeze.
For more, read the “Definitive Guide™ to Next-Generation Network Packet Brokers” to learn how to boost efficiency and effectiveness while reducing risk, complexity and costs.
Featured Webinars
Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.
CONTINUE THE DISCUSSION
People are talking about this in the Gigamon Community’s Networking group.
Share your thoughts today