Inline Bypass

Maximize network and security resiliency.

Every security team has a need for certain network security prevention tools to be placed inline with the network. As network data volumes rise, security teams are faced with the complexity of managing overloaded inline security tools that struggle to keep pace with the volume of network traffic.

As the majority of enterprise networks have inline security tools and typically use multiple security tools per site¹, these appliances increasingly represent potential points of failure in the network. Whether due to a power outage, a software malfunction, or a processing or throughput bottleneck, failing inline tools can disrupt the very applications and services they are meant to protect. This problem is addressed in two ways: deploying redundant inline tools and utilizing bypass protection.

The inline bypass functionality in the GigaSECURE® Security Delivery Platform enables security teams to:

  • Keep up with growing network traffic volumes by improving the performance of inline security tools
  • Improve the operational process so that security initiatives such as adding/upgrading inline security tools can be completed in hours versus weeks
  • Eliminate single points of failure of the inline security tools by providing a layer of resiliency

1 Source: ESG Research Insights Paper: Network Security Trends, January 2017

Redundant inline tool

Redundant inline tools address resiliency with the simple principle that if one tool fails, the redundant tool takes over. This is also known as 1+1 protection. A Gigamon inline visibility node is required to detect the failure of the active tool and then redirect traffic to the standby tool. The health of an inline tool is determined by monitoring the state of the link and optionally sending bidirectional heartbeat packets that verify the tool is passing traffic. The parameters of the heartbeat packets can also be refined to trigger a failover to the standby tool when the latency of the active tool becomes too great.

Rather than use this traditional active/standby arrangement, the Gigamon visibility solution can distribute traffic across multiple inline tools simultaneously. Not only does this allow security inspection and monitoring capabilities to scale up to the speed of the network, it also means that, in the event of a tool failure, the traffic can be redistributed to the remaining healthy tools. In addition, a dedicated standby tool can be deployed to provide N+1 protection.

Bypass protection

Bypass protection comes in two varieties: logical and physical. Both operate on the principle that traffic continuity must be maintained even if the traffic cannot be inspected.

Logical bypass takes effect when an inline tool fails, and forwards traffic either to other tools or to the network. Failure is detected when the link with that tool breaks down, when the inline tool stops responding, or when software control is lost. This enables you to safely remove or upgrade an inline tool without disrupting the network.

Physical bypass is the ability to physically forward the packets in the event of a power failure of the Gigamon visibility node. It also allows you to upgrade the solution without causing network downtime. Switching to protected mode occurs automatically and without software intervention upon the loss of power.
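The health check, N+1 redistribution and logical bypass described above can be modeled in a few lines. This is an added example, not Gigamon code: the tool names, thresholds, CRC32 flow hash and symmetric endpoint ordering are all assumptions, and physical bypass is not modeled because it is a hardware behavior on loss of power.

```python
import zlib
from dataclasses import dataclass

MAX_MISSED = 3         # assumed: consecutive lost heartbeats before a tool is failed
MAX_LATENCY_MS = 5.0   # assumed: heartbeat round-trip ceiling

@dataclass
class Tool:
    name: str
    link_up: bool = True
    missed: int = 0          # consecutive heartbeats not returned
    latency_ms: float = 0.0  # round trip of the last heartbeat
    standby: bool = False    # the "+1" in N+1

def healthy(t: Tool) -> bool:
    # Link state first, then heartbeat loss, then heartbeat latency.
    return t.link_up and t.missed < MAX_MISSED and t.latency_ms <= MAX_LATENCY_MS

def forwarding_set(tools):
    """Tools that should receive traffic; an empty list means logical bypass."""
    active = [t for t in tools if not t.standby and healthy(t)]
    failed = sum(1 for t in tools if not t.standby and not healthy(t))
    spares = [t for t in tools if t.standby and healthy(t)]
    return active + spares[:failed]  # a spare is used only to replace a failed tool

def steer(flow, tools):
    """Return the tool name for a (src, sport, dst, dport, proto) flow, or 'BYPASS'."""
    targets = forwarding_set(tools)
    if not targets:
        return "BYPASS"  # fail-open: traffic continues uninspected, so alert on it
    src, sport, dst, dport, proto = flow
    # Order the endpoints so both directions of a session reach the same tool.
    a, b = sorted([(src, sport), (dst, dport)])
    key = f"{a}|{b}|{proto}".encode()
    return targets[zlib.crc32(key) % len(targets)].name

if __name__ == "__main__":
    # Constructed sample: two active tools and one standby.
    group = [Tool("ips-a"), Tool("ips-b"), Tool("ips-spare", standby=True)]
    flow = ("10.0.0.5", 51514, "192.0.2.10", 443, "tcp")
    print(steer(flow, group))
    group[0].latency_ms = 12.0   # ips-a is up but too slow
    print([t.name for t in forwarding_set(group)])
    for t in group:
        t.link_up = False
    print(steer(flow, group))
```

A tool that is up but slow is treated the same as a dead one, which is the latency-triggered failover case; the BYPASS result is the state a monitoring team should track, since traffic is then passing without inspection.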

As a key component of GigaSECURE, when combined with GigaSMART traffic intelligence features such as SSL/TLS Decryption and Application Session Filtering, Inline Bypass provides a fundamental capability to strengthen the security of 1Gb to 100Gb networks.

Technology Overview

Gigamon Resilient Inline Protection (GRIP)

Solution Brief

FireEye Joint Solution

Dummies Guide

Security Delivery Platforms for Dummies

GigaVUE-OS

Visibility operating system for GigaVUE H Series and TA Series.

HC Series GigaBPS

Bypass protection to ensure continuous traffic through inline security tools.

Tech Tips

Use the GigaVUE-HC2 Copper TAP Module for Inline Bypass.

GigaSECURE Security Delivery Platform

Enable effective, scalable and resilient network security.