CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

PRODUCT

Silicom Bypass Switch


Inline information security devices, such as NGFW, IPS, WAF, DDoS, SSL, and DPI, are the gatekeepers for enterprises to avoid being invaded by hackers or worms. It is necessary to deeply inspect each packet and confirm that it is safe before passing the packet. . Therefore, the complicated work requires a lot of CPU performance of the device, and the hardware and software must be well matched. The performance of the information security device is also closely related to the type and number of blocking rules. The traffic that can be processed is not equal to the interface speed. Therefore, It is inevitable that the occasional crash or the system is unstable at the initial stage of updating the software, etc., which will lead to the disconnection of the external network, which will cause immediate disasters and even loss of revenue for the enterprise. The function of the bypass switch minimizes the risk of this disconnection.

Silicom IBS(1G), IS40(10/40G), IS100(100G) Bypass Switches belong to the highest level of protection, with active and passive bypass capabilities, which can protect the network from monitoring The device has been disconnected from the network due to maintenance, downtime, or power outages. In addition to sending heartbeat packets for monitoring to monitor the information security host for bypass switching, it also monitors its own health status. It can also perform bypass switching when it crashes or is powered off without becoming a network host. point of failure.

It is generally believed that the most common causes of network disconnection of Inline information security equipment are: software instability, crash, wrong rule setting, attack, etc., or the traffic processing speed is very slow, but there is no disconnection. The ""half-dead"" state causes users to be unable to access the Internet; even if the HA architecture is used, when this happens, it is still necessary to manually unplug or power off the Active line to completely disconnect the Active line before HA routing can be activated. The expected built-in bypass network card cannot achieve the expected protection effect in the case of a crash, still causing the network Downn Time, and still need to deal with the disconnection problem manually, so more and more managers begin to pay attention to the difference in disconnection protection levels , and are willing to accept a more effective bypass switch disconnection protection scheme.

Network Visibility