Security Tool Chaining in DMZ with Big Monitoring Fabric Inline
Securing enterprise networks and online assets is of paramount importance for any modern IT organization. The ever increasing reliance on the network for critical business functions has, in parallel, resulted in an explosion of cyber threats.
With Big Monitoring Fabric™, you can now not only monitor networks out-of-band, but also enable visibility and threat mitigation for your production traffic in the DMZ.
The Big Switch Networks® Approach: SDN Software Meets Commodity Hardware
Enterprise network and security teams are tasked with designing and maintaining a high-performance, resilient and always-on network, while ensuring that it is compliant and secure against intrusions and other threats. A common network security design to achieve these goals involves separating the network into trusted and untrusted zones, and deploying security and network monitoring tools in a DMZ environment (between the two zones). By virtue of being inline, security tools can assess every packet that traverses between trusted and untrusted zones) and, actively prevent or block intrusions.
Big Monitoring Fabric (Inline Mode) can be deployed in a highly available (HA) configuration to enable visibility and threat mitigation in the DMZ and addresses the challenges faced by traditional solutions while offering lower-cost and SDN-centric operational simplicity.
Big Monitoring Fabric ensures maximum resilience against network and tool failures. Using the centralized and programmable SDN controller based design brings automated feedback loops allowing multi-team operational workflows and optimal tool utilization.
For more information, download our whitepaper “Security Tool Chaining in a DMZ with Big Monitoring Fabric”