VSS vProtector™ and PowerSafe™ modules on vBrokers can support active inline monitoring by both dual-port and single-port tools with either copper or fiber media type. Traditional active inline failsafe solutions typically only provide one-to-one network-to-tool mapping, or a simple one-to-one redundancy. VSS provides full flexibility in defining network-to-tool relationships and supports any-to-any traffic mapping between network segments and inline tools. Inline network segment to inline tool relationship may be one-to-one, one-to-many, many-to-one, or many-to-many. Multiple network segments can be aggregated to one or more inline tools. Flow-aware load balancing and speed conversion can be applied to ensure smooth and clean traffic distribution.
VSS allows you to set the type of protection your network infrastructure needs during power loss or during operation. With the PowerSafe feature, you can specify what happens to the inline network traffic when power is lost to the network infrastructure. Additionally, PowerSafeâ„˘ can be controlled on demand through manual configuration during operation of the system, such as when investigating active inline tool issues that might be affecting network traffic availability or performing tool maintenance updates.
PowerSafe enables you to enforce your organization's specific security policies in the event of power loss, or else manually, on demand. Behavior can be either Fail-Open, which allows the network traffic back to the network unmonitored, or Fail-Closed, which blocks the network traffic from continuing to flow unmonitored.
VSS supports comprehensive health checking for active inline tools. It is critical to know not only that the tool is available to receive and pass traffic, but that it is also actively inspecting and blocking traffic. VSS offers the unique ability to verify this with customizable positive and negative health check packets.
Positive health check packets test out the health and state of the hardware of the active monitoring tool, ensuring that it is powered and linked. Negative health check packets verify the software state of the active tool, ensuring that it is processing the live traffic, blocking applicable packets, and protecting the network. VSS extends health check capabilities even further by allowing users to customize health checks for their active tools.
Health check event triggers can be defined for:
Availability*: vBroker Series(VB220, VB420)
*Features may be optional add-ons or not available in all products within a series.