Inline Bypass

Maximize network and security resiliency.

As more tools move from an out-of-band detection mode to an inline active protection mode, network resiliency becomes a particular concern. Redundant network architectures are designed to be fault-resilient, but they present their own challenges when it comes to inline inspection of traffic. To address these concerns, Gigamon has developed a resilient inline architecture, Gigamon Resilient Inline Protection (GRIP™), that uses the GigaVUE-HC2 as part of the GigaSECURE® Security Delivery Platform.

Inline security appliances represent potential points of failure in the network. Whether due to a power outage, software malfunction or processing bottleneck, failing inline tools can disrupt the very applications and services they are meant to protect. This problem is addressed on two fronts: deploying redundant inline tools and utilizing bypass protection.


Redundant inline tools

Redundant inline tools address resiliency with the simple principle that if one tool fails, the redundant tool takes over. This is also known as 1+1 protection. An inline visibility node is required to detect the failure of the active tool and redirect traffic to the standby tool. The health of an inline tool is determined by monitoring the state of the link and, optionally, by sending bidirectional heartbeat packets that verify the tool is passing traffic. The parameters of the heartbeat packets can also be tuned to trigger a failover to the standby tool when the latency of the active tool becomes too great.

Rather than use an active/standby arrangement, the visibility node can distribute traffic across multiple inline tools. Not only does this allow security monitoring to scale up to the speed of the network, but in the event of a tool failure the traffic can also be redistributed to the remaining healthy tools. In addition, a dedicated standby tool can be deployed to provide N+1 protection.

Bypass protection

Bypass protection comes in two varieties: logical and physical. Both operate on the principle that traffic continuity must be maintained even if the traffic cannot be inspected.

With logical bypass, the traffic is forwarded to the network should the inline tool fail. When redundant inline tools are deployed, bypass protection is applied when both the active and standby tools are down. If multiple tools are present, traffic is bypassed when a certain number of the tools have failed.

Physical bypass protection avoids any problem with power failure of the visibility node itself. In the event of a power failure, relays complete the network circuit and keep traffic flowing. The relays are designed such that they require power to access the network traffic (so that it can be forwarded to the inline tools), and switching to protected mode occurs automatically and without software intervention upon the loss of power.
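The failover and logical-bypass decisions described above (link state, heartbeat, latency budget, standby substitution, bypass threshold), modelled as an added example that is not Gigamon's code or configuration. The tool names, the 5 ms latency budget, the `min_healthy` threshold and the sample flows are assumptions made for illustration.

```python
import zlib
from dataclasses import dataclass
from typing import Optional

BYPASS = "BYPASS"  # logical bypass: traffic goes straight to the network, uninspected

@dataclass
class Tool:
    name: str
    standby: bool = False              # dedicated spare (the "+1")
    link_up: bool = True               # physical link state
    hb_rtt_ms: Optional[float] = 1.0   # heartbeat round trip; None = heartbeat lost

def healthy(tool, max_rtt_ms):
    """Healthy = link up, heartbeat came back, and within the latency budget."""
    return (tool.link_up and tool.hb_rtt_ms is not None
            and tool.hb_rtt_ms <= max_rtt_ms)

def serving_tools(tools, max_rtt_ms):
    """Healthy primaries, plus healthy standbys covering failed primaries 1:1."""
    primaries = [t for t in tools if not t.standby]
    up = [t for t in primaries if healthy(t, max_rtt_ms)]
    spares = [t for t in tools if t.standby and healthy(t, max_rtt_ms)]
    return up + spares[:len(primaries) - len(up)]

def forwarding_plan(tools, flows, max_rtt_ms=5.0, min_healthy=1):
    """Map each flow to a tool name, or to BYPASS if too few tools remain."""
    serving = serving_tools(tools, max_rtt_ms)
    if len(serving) < min_healthy:
        return {f: BYPASS for f in flows}  # fail open: worth alerting on
    # Hash the flow key so every packet of a flow lands on the same tool.
    return {f: serving[zlib.crc32(f.encode()) % len(serving)].name for f in flows}

# Constructed sample flows (not real traffic).
FLOWS = ["10.0.0.5:443>10.0.1.9:51000", "10.0.0.7:22>10.0.1.4:40022",
         "10.0.0.8:53>10.0.1.2:5353"]

if __name__ == "__main__":
    pair = [Tool("ips-a"), Tool("ips-b", standby=True)]   # 1+1 protection
    print(forwarding_plan(pair, FLOWS))   # every flow on ips-a
    pair[0].hb_rtt_ms = 20.0              # active tool exceeds latency budget
    print(forwarding_plan(pair, FLOWS))   # failover: every flow on ips-b
    pair[1].link_up = False               # standby lost as well
    print(forwarding_plan(pair, FLOWS))   # logical bypass for every flow
```

While the plan returns `BYPASS`, traffic continuity is preserved but nothing is inspected, so that state is the one to surface to monitoring.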

Technology Overview


Gigamon Resilient Inline Protection (GRIP)

Solution Brief


FireEye Joint Solution

Dummies Guide


Security Delivery Platforms for Dummies

GigaVUE-OS

Visibility operating system for GigaVUE H Series and TA Series.

HC Series GigaBPS

Bypass protection to ensure continuous traffic through inline security tools.

Tech Tips

Use the GigaVUE-HC2 Copper TAP Module for Inline Bypass.