GigaSECURE and Inline Bypass

Inline bypass in the GigaSECURE® Security Delivery Platform supports inline and out-of-band network security deployments from the same platform. It provides the ability to load balance both inline and out-of-band security tools as well as to bypass inline security tools in the event of failure.

Many security tools work inline with the network traffic to prevent malware and malicious activities in real-time. Many other security tools work out-of-band for detection and incident generation purposes. The GigaSECURE Security Delivery Platform provides a common platform to serve traffic feeds to both inline and out-of-band security deployments.

When serving inline security deployments, the GigaSECURE platform provides the ability to load balance traffic across multiple inline security solutions, as well as the ability to guide traffic serially to different inline security tools, each providing different levels of protection. Traffic can be distributed to the security tools based on a variety of criteria, while ensuring that forward and reverse traffic for a given flow always goes to the same security tool.

The platform also provides resiliency and protection in the event that any of the inline security tools experiences a failure, both in load balanced mode as well as when inline tools are connected in a serial fashion, thereby ensuring that network traffic forwarding is not disrupted in the event of a failure.

Security tools can also be moved from out-of-band to inline and vice versa with no disruption to the network.

The GigaSECURE Security Delivery Platform with inline bypass:

■   maximizes tool efficacy
■   increases scale of security monitoring
■   provides seamless add, remove, and upgrade of tools
■   consolidates multiple points of failure into a single, bypass-protected solution
■   integrates inline, out-of-band, and flow-based tools

Inline bypass is described in this document. Refer to Configure Inline Bypass Solutions for details.