Cyber security and compliance do not begin and end with a firewall. Additional appliances such as Intrusion Detection Systems (IDS), Data Loss Prevention (DLP) and Security Information and Event Management (SIEM) are necessary to build a robust network security profile. To connect all the required security appliances to every link is costly and detrimental to overall network reliability. Network appliances need full visibility all the time to provide strong security against persistent attacks. The solution is to connect all security appliances to a unified platform that is simple to deploy, provides 100% visibility to data flows, and has no negative impact on system reliability or availability.
The Visibility Architecture
Tapping network links at the Core, Distribution and Access layer requires you to access traffic from many links. This diagram shows how to optimize your tap strategy for cost, performance and reliability. The foundation is to insert a passive optical TAP into each network link. Optical TAPs split the light from the network, sending a mirror copy of the network traffic to a Network Packet Broker (NPB) for aggregation and distribution to the monitoring tools. Optical TAPs require no power, so the network links continue to pass traffic even if power to the monitoring equipment fails. Optical TAPs are flexible and can be designed for single mode and multi-mode fiber at speeds from 10Mbps to 100Gbps.
Once all the links are tapped, the traffic is passed to a Network Packet Broker which provides intelligent features required to aggregate the traffic from many links into a variety of traffic streams.
If aggregated traffic is greater than the capacity of any single monitoring tool, the NPB can equally distribute the load to multiple monitoring tools, providing flexibility and scalability as your network changes and grows.
Using other advanced features, the NPB can mask confidential information contained in packet payloads and or strip the payload altogether, providing compliance with data privacy regulations.
Using optical fiber taps feeding all traffic to an intelligent Network Packet Broker saves overall cost by lowering TAP and monitoring tool costs, while providing complete traffic visibility for more accurate analysis and output.