Company to Highlight Intent-Based Security Use Cases for Big Monitoring Fabric, Including Inline Mode for DMZ Security Service-Chaining and Pervasive Network Visibility
SAN FRANCISCO, CA (February 14) -- RSA CONFERENCE -- Big Switch Networks®, The Next-Generation Data Center Networking Company, will be at RSA Conference February 13th - 16th, to showcase BigSecure Architecture™ for intent-based cyber-defense at terabit scale, Big Monitoring Fabric™ (Big Mon) Inline for dramatically simplifying deployment and management of security tools in the DMZ through on-demand service chains, and Big Mon out-of-band for delivering cost effective, scale-out, pervasive network visibility.
To learn more about Big Switch’s security-based use cases, visit Big Switch at booth #N4508. Big Switch will conduct presentations hourly on both BigSecure Architecture and Big Monitoring Fabric Inline and out-of-band use cases.
“As the threat landscape continues to rapidly change, with cyber attacks increasing in breadth and scale, IT organizations need next-generation security technologies that will support a pervasive security approach, without the high price tag and complexity of legacy or proprietary security solutions,” said Prashant Gandhi, Chief Product Officer, Big Switch Networks. “With game changing SDN-based security delivery solutions from Big Switch, organization can now implement intent-based security while ensuring dynamic and scale-out operations. Mundane tasks which took cycles away from security and networking teams become automated, making the implementation of software-defined security (SDSec) the new norm.”
As the data center has evolved to accommodate cloud native applications, increasing business velocity, pervasive cyber-attacks, and flat IT budgets, organizations are increasingly challenged to operationally and architecturally scale monitoring and security infrastructure. Traditional methods of gaining visibility into the network—primarily through network packet brokers (NPBs) are difficult to scale, create visibility silos, are operationally complex, and priced at a premium. Big Switch offers organizations next-generation network security solutions for pervasive security and visibility, cloud-native application monitoring and scale-out cyber-defense to mitigate volumetric distributed denial of service (DDoS) attacks.
Big Monitoring Fabric Out-of-Band
Big Monitoring Fabric is a next-generation NPB that leverages software-defined networking (SDN) principles, Open Networking switches and a high-performance x86-based DPDK service node to provide feature-rich, scale-out data center monitoring at up to 50% lower cost than traditional NPBs. Big Mon supports 1G, 10G, 40G and 100G for the most demanding and high volume network monitoring and security environments. Customer use cases for Big Monitoring Fabric include: DMZ/Extranet Inline security as well as monitor every rack, monitor every location or monitor mobile/LTE networks.
Big Monitoring Fabric Inline
Big Mon Inline offers a simple, scale-out method for deploying security tools in the DMZ and creating on-demand service chains. The controller-based SDN design accelerates high-performance attack mitigation and enables organizations to deploy countermeasures in response to cyber threats.
Big Mon Inline provides the centralizing fabric needed for organizations to rollout a consistent, organization-wide DMZ security posture, so security teams have a single pane interface to build and manage scale-out security tool chains. Multiple active, inline tools can be deployed logically inline, in defined sequence, and receive only the traffic of interest to each. Other non-security tools, such as web-proxies, can also take advantage of Big Mon Inline for rapid, non-intrusive inline deployment. Big Mon Inline delivers the most intelligent, agile, and flexible DMZ security architecture, with capabilities including:
BigSecure -- A Dynamic Cyber-defense Architecture for Terabit Attack Mitigation
The volume, cadence and sophistication of cyber-attacks continues to increase rapidly, most recently witnessed in January when multiple UK banks experienced synchronized DDoS attacks that intermittently paralyzed banking services for two days. Last fall the massive, self-spreading Mirai malware, which comprised more than one hundred thousand internet-connected video cameras, to generate over 1 Terabit of DDoS attack to Domain Name Service (DNS) providers blocked dozens of high-profile, high traffic Internet domains for hours. As DDoS attacks become more rampant, it is mandatory for organizations to deploy cyber-defense mechanisms to protect against massively distributed attacks without breaking their security budget.
With BigSecure Architecture, web hosting and cloud computing providers can deploy a dynamic, high-performance, scale-out cyber-defense solution, at an economical price point. The solution enables existing security tools to leverage an externalized elastic attack mitigation infrastructure consisting of the underlying network and a pool of x86-based compute resources. Specifically, the BigSecure Architecture includes:
Once BigSecure Architecture is instantiated, a security tool detects high-bandwidth attack and interacts with the Big Monitoring Fabric Controller via programmatic APIs to redirect incoming traffic for elastic mitigation. Depending on the type of attack, the Big Mon Controller activates SDN fabric and compute resources for attack mitigation, reconfigures the service chain to redirect traffic to mitigation infrastructure, and load-balances traffic across a cluster of Big Mon service nodes and NFV tool farm for scale-out performance. The combination of SDN fabric, Big Mon service nodes and NFV tool farm performs Layer-7 scans of network traffic and blocks those packets/flows that contain attack signatures. With BigSecure, security teams are able to deploy dynamic cyber-defense architecture that provides elastic, Terabit-scale attack mitigation capability at an affordable price while continuing to leverage best-of-breed security tools.
In addition to Terabit-scale mitigation, BigSecure Architecture also exports flow telemetry (NetFlow, sFlow) of network traffic to anomaly-detection/traffic visibility systems, which provide the ability to detect, classify, and traceback a variety of attacks.
Integration with leading Technical Solution Partners
About Big Switch Networks
Big Switch Networks is the Next-Generation Data Center Networking Company. We disrupt the status quo of networking by designing intelligent, automated and flexible networks for our customers around the world. We do so by leveraging the principles of software-defined networking (SDN), coupled with a choice of industry-standard hardware. Big Switch Networks has two solutions: Big Monitoring Fabric, a Next-Generation Network Packet Broker, which enables pervasive security and monitoring of data center and cloud traffic for inline or out-of-band deployments and Big Cloud Fabric, the industry's first Next-Generation switching fabric that allows for choice of switching hardware for OpenStack, VMware, Container and Big Data use cases. Big Switch Networks is headquartered in Santa Clara, CA, with offices located in Tokyo, Sydney, London and Istanbul. For additional information, email firstname.lastname@example.org, follow @bigswitch, visitwww.bigswitch.com or register for BSN Labs, a free, hands-on demo environment.
Big Switch Networks, Big Cloud Fabric, Big Monitoring Fabric, BigSecure, Big Chain, Switch Light OS, and Switch Light VX are trademarks or registered trademarks of Big Switch Networks, Inc. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners.