Many security tools need to be connected inline on production networks to realize their full value. This means that all traffic must flow from the network segment through the tool and then back onto the production network. This introduces various operational risks and challenges including the impact of a failure of the inline device and the potential performance degradation as the volume of traffic and speed of the network increases.
A 10Gb stream of traffic will quickly render a 1Gb inline device over-subscribed and potentially obsolete. Gigamon developed the G-SECURE-0216 Inline Traffic Distribution Node to specifically address these two challenges, availability and performance.
Traffic enters the G-SECURE-0216 10Gb ingress port and then, with powerful distribution logic and intelligence, the traffic is distributed to up to eight 1Gb inline devices such as an IPS or firewall. The integration of both session-based and application-based intelligence allows Security teams to distribute loads based upon IP or MAC addresses as well as by application port number. The G-SECURE-0216 is available in both single-mode and multimode fiber configurations, and the ingress supports both 1Gb as well as 10Gb connections.
The G-SECURE-0216 offers both active and passive bypass protection for inline tools, so that in the event of a failure or power outage, the network connectivity is maintained resulting in no downtime. Customizable heartbeat packets can be sent to attached inline security tools to monitor for availability.