Bypass switch

From Bauman National Library
This page was last modified on 22 June 2016, at 15:12.

Bypass switch — passive device that maintains traffic flow when the IPS is not available.

General

There are two basic implementations for bypass switches: internal and external. Internal bypass is performed as a function of an inline security device such as an IPS. The bypass function can also be performed outside the IPS itself, using an external Bypass switch device.

[Figure: Bypass.png]

Advantages

External bypass switching advantages include:

Increased Security

Bypass switches offer a proven solution for deploying multiple inline security tools. The bypass switch's bi-directional heartbeat monitoring for system, link, and power failures ensures uninterrupted network uptime while increasing network availability. Security tool load balancing ensures efficiency while enabling you to leverage existing tool investments and add capacity as needed, rather than investing in a forklift upgrade.

Network Reliability

The bypass switch can automatically detect an issue with inline tools and route traffic around the security tool while issuing an alert to ensure action is taken by the network or security teams. Internal bypass switches may not have all the technology advantages of an external solution, and therefore simply do not protect your network as well.
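A simplified model of the heartbeat monitoring and fail-open behaviour described in the two sections above, added here as an illustration; it is not code from any vendor's bypass switch, and the thresholds, the probe timing and the alert texts are assumptions:

```python
from dataclasses import dataclass, field
from enum import Enum


class Mode(Enum):
    INLINE = "inline"  # traffic flows through the inline tool (IPS)
    BYPASS = "bypass"  # traffic is routed around the tool (fail-open)


@dataclass
class BypassSwitch:
    """Heartbeat state machine of an external bypass switch (assumed model).

    Each cycle the switch injects a probe frame into the tool's input port and
    expects it back on the output port. Consecutive misses trip the switch into
    bypass; a larger number of consecutive good probes is required to re-insert
    the tool, so a flapping tool does not cause the switch to oscillate.
    """
    miss_threshold: int = 3     # assumed: missed heartbeats before bypassing
    recover_threshold: int = 5  # assumed: good heartbeats before re-inserting
    mode: Mode = Mode.INLINE
    missed: int = 0
    good: int = 0
    alerts: list = field(default_factory=list)  # (tick, message) for operators

    def on_heartbeat(self, returned: bool, tick: int) -> Mode:
        """Process one heartbeat cycle; `returned` is True if the probe came back."""
        if returned:
            self.missed, self.good = 0, self.good + 1
            if self.mode is Mode.BYPASS and self.good >= self.recover_threshold:
                self.mode = Mode.INLINE
                self.alerts.append((tick, "tool recovered; traffic re-inserted"))
        else:
            self.good, self.missed = 0, self.missed + 1
            if self.mode is Mode.INLINE and self.missed >= self.miss_threshold:
                self.mode = Mode.BYPASS
                self.alerts.append((tick, "tool unresponsive; traffic bypassed"))
        return self.mode

    def force(self, mode: Mode, tick: int, reason: str) -> None:
        """Programmatic override, e.g. to bypass the tool during a software upgrade."""
        self.mode, self.missed, self.good = mode, 0, 0
        self.alerts.append((tick, f"manual {mode.value}: {reason}"))


def run_scenario(probe_results):
    """Feed a constructed sequence of probe outcomes; return per-tick modes and alerts."""
    sw = BypassSwitch()
    modes = [sw.on_heartbeat(ok, tick) for tick, ok in enumerate(probe_results)]
    return modes, sw.alerts
```

With four good probes, five misses and six good probes, the switch bypasses on the third miss and re-inserts the tool only after the fifth consecutive good probe, raising one alert for each transition.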

Better Visibility

Obtaining traffic statistics from the bypass switch is particularly valuable. Information such as bandwidth utilization, peak traffic, packet and byte counts, and error counts enables security personnel to measure the impact of new IPS signature sets and configurations, without the need for additional monitoring tools and network taps, and without reconfiguring SPAN ports on switches.

Programmability

Some bypass switches allow you to programmatically route traffic into or around inline security tools. This feature is very helpful when troubleshooting or when upgrading the tool software.

Disadvantages

Bypass switches add acquisition cost to the monitoring solution, although they may save cost in the long run by increasing network uptime.

Bypass switches move the single point of failure from the in-line monitoring appliance to the bypass switch itself. This should be a net gain in reliability, because the bypass switch is a simpler device than the monitoring appliance, and because it is designed for fault tolerance. Nevertheless, reliability is an important criterion when evaluating bypass switch solutions.

[Figures: Internalbypass.png (internal bypass) and Externalbypass.png (external bypass)]
