5. Factors in calculation of financial loss
from security breaches/intrusions
52%
35%
34%
31%
27%
Legal defense services
Loss of customer business
Consulting and Audit services
Deployment of security tools
Damage to brand
26%Court settlements
7. Information Governance Core Disciplines: Security and Privacy
Locate where
sensitive data
Classify &
Define data
types
Set policies
& metrics
Protect data
access
Organize
unstructured
data
De-identify
confidential
data
Compliance
SLA & QoS
Assess
vulnerabilities
Detect
intrusions
Understand &
Define
Secure & Protect Monitor & Audit
8. Who? (source and destination)
Critical information
What? (IP protocol and port numbers)
When? (time when the flow was observed)
Where? (input interface)
How? (type of service)
10. ESX Stack
Hypervisor
Phantom
Monitor™
V Switch
vm 1 Vm 2 Vm 3
Web Security
IDS/IPS
Protocol
Analysis Database
Security
VoIP
Network
Performance
ESX Stack
Hypervisor
Phantom
Monitor™
V Switch
vm 1 Vm 2 Vm 3
Director
Aggregation
Visibility Architecture
Advanced Packet Distribution
Aggregation and regeneration
Intelligent Filtering
Bypass switching (inline)
Packet Slicing & DeDuplication
Total Network Visibility
Forensics
11. Traditional access methods don‘t work!
1. Degrading performance of network
2. Dropping important packets
3. Needs to be configured (time loss)
4. Mixing source/destination information
5. Limitations with sessions
6. Compliance issues
SwitchSwitch
1. Potential single point of failure
2. Expensive 1-tool-1-link deployment
3. Relocating means link downtime
SPAN port:
Inline:
12. Switch
Use Network TAP instead of SPAN
Benefits
• Full-duplex access with zero impact on
network traffic around the clock
• 100% visibility to link traffic for security
and network monitoring tools
• Plug-and-play — no configuration required
• Permanent access: no need to break the
link each time you need to remove tool
• Forwards important L1 and L2 errors
• Dual power supplies: keeps the network
link up and running in case of power failure
Firewall
Analyzer
Switch
13. Protect inline deployments with Bypass Switch
Benefits
• Protects the network from IPS link,
application, and power outages
• SNMP (v2c, v3) traps indicate status
changes for system, link, power, and
threshold
• Intelligent Heartbeat packets:
continuous check of IPS health!
• Removes link downtime: ensures
traffic flow when appliance is offline
• RMON statistics and LCD display
• Redundant power supplies
SwitchFirewall
IPS
Switch
15. Cost saving:
• Reducing CAPEX/OPEX by using fewer tools
Benefits
User satisfaction:
• No network/link downtime
Simplicity:
• Centralized monitoring of many network
segments and different types of traffic
Scalability
• Any tool – any time
Security:
• No packets dropped – 100% visibility
16. The MOST TRUSTED names
in networking
Service Providers trust IXIA to:
Improve and speed service delivery
Speed roll out of next gen services
Improve network and application
visibility and performance
Equipment Manufacturers trust IXIA to:
Develop next generation devices
Speed time to market
Improve performance and reliability
Enterprises trust IXIA to:
Assess vendor equipment and
applications
Improve network security posture
Improve network and application
visibility and performance
Chip Fabricators trust IXIA to:
Validate protocol conformance
Speed time to market
trust
Test
Security
Visibility