Advanced cyber attacks continue to increase both in severity and in the number of systems that are affected. New comprehensive strategies are the best defense against these threats.
Defense-in-Depth Strategy Is Based on Security in Layers
Defense-in-depth is an information assurance strategy in which multiple layers of defense are placed throughout the network and data centers. The idea behind this approach is to defend the data center against any particular attack using several, varying methods. The concept of security in layers is important from the perspective that no single system can tackle emergent cyber threats facing us today. Therefore it's necessary to gain complete visibility and an ability to groom the traffic data at origin and filter out the types of data that are of no concern for cyber security.
Traditional Approaches to Defense-in-Depth Strategy Aren't Scaling
The problem now is the myriad of security and analytics tools required to protect network links in the data center. The traditional 1:1 connection approach of security tools to network links is inefficient, costly, and unable to scale. Infosec teams are now challenged with CAPEX and OPEX constraints to comprehensively defend against the latest cyber threats.
VSS Protector Series Improves Your Defense-in-Depth Strategy
Part of the VSS Network Packet Broker, the Protector Series optimizes and scales your defense-in-depth strategy. This allows next generation firewall or IPS systems, in conjunction with email and web threat prevention systems, to detect the traffic relevant to its unique function - without becoming overloaded having to parse out the useless data. In fact, traffic can pass through several in-line security tools (i.e. Security Layers) maximizing their throughput capabilities; each Protector Series appliance can handle 480Gbps of concurrent throughput in a non-blocking manner.
The VSS system is second to none in terms of throughput, port density, feature sets and customer readiness. Based on the IntelliScale Architecture, its advanced feature set includes Selective Aggregation, Session-Aware Load Balancing, Hardware-based Filtering, System Management, Intelligent Stacking, Customizable Health Checks, and Trigger-Based Redirection Policies.
Benefits of Optimizing Security in Layers With the VSS Protector Series
- Obtain 100% network coverage protection and visibility within your CAPEX and OPEX budget
- Aggregate and filter non-priority traffic to reduce payload to security tools, avoiding oversubscription and missed packets
- Utilize session-aware load balancing to avoid security tool oversubscription and missed packets
- Stack multiple Protector Series vNodes to scale security tool optimization for resilience and load
- Set security tool health checks and fail-over triggers to meet your security policies
|
|
|
