Big Switch Networks to Showcase SDN, BigSecure Architecture at RSA Conference
SAN FRANCISCO, Calif., Feb. 14 -- Big Switch Networks, The Next-Generation Data Center Networking Company, will be at RSA Conference February 13th - 16th, to showcase BigSecure Architecture for intent-based cyber-defense at terabit scale, Big Monitoring Fabric (Big Mon) Inline for dramatically simplifying deployment and management of security tools in the DMZ through on-demand service chains, and Big Mon out-of-band for delivering cost effective, scale-out, pervasive network visibility.
"As the threat landscape continues to rapidly change, with cyber attacks increasing in breadth and scale, IT organizations need next-generation security technologies that will support a pervasive security approach, without the high price tag and complexity of legacy or proprietary security solutions," said Prashant Gandhi, Chief Product Officer, Big Switch Networks. "With game changing SDN-based security delivery solutions from Big Switch, organization can now implement intent-based security while ensuring dynamic and scale-out operations. Mundane tasks which took cycles away from security and networking teams become automated, making the implementation of software-defined security (SDSec) the new norm."
As the data center has evolved to accommodate cloud native applications, increasing business velocity, pervasive cyber-attacks, and flat IT budgets, organizations are increasingly challenged to operationally and architecturally scale monitoring and security infrastructure. Traditional methods of gaining visibility into the network -- primarily through network packet brokers (NPBs) are difficult to scale, create visibility silos, are operationally complex, and priced at a premium. Big Switch offers organizations next-generation network security solutions for pervasive security and visibility, cloud-native application monitoring and scale-out cyber-defense to mitigate volumetric distributed denial of service (DDoS) attacks.
Big Monitoring Fabric Out-of-Band
Big Monitoring Fabric is a next-generation NPB that leverages software-defined networking (SDN) principles, Open Networking switches and a high-performance x86-based DPDK service node to provide feature-rich, scale-out data center monitoring at up to 50% lower cost than traditional NPBs. Big Mon supports 1G, 10G, 40G and 100G for the most demanding and high volume network monitoring and security environments. Customer use cases for Big Monitoring Fabric include: DMZ/Extranet Inline security as well as monitor every rack, monitor every location or monitor mobile/LTE networks.
Big Monitoring Fabric Inline
Big Mon Inline offers a simple, scale-out method for deploying security tools in the DMZ and creating on-demand service chains. The controller-based SDN design accelerates high-performance attack mitigation and enables organizations to deploy countermeasures in response to cyber threats.
Big Mon Inline provides the centralizing fabric needed for organizations to rollout a consistent, organization-wide DMZ security posture, so security teams have a single pane interface to build and manage scale-out security tool chains. Multiple active, inline tools can be deployed logically inline, in defined sequence, and receive only the traffic of interest to each. Other non-security tools, such as web-proxies, can also take advantage of Big Mon Inline for rapid, non-intrusive inline deployment. Big Mon Inline delivers the most intelligent, agile, and flexible DMZ security architecture, with capabilities including:
- Service Chaining: Place tools logically inline and easily define service chains in a web 2.0 drag and drop interface, where each tool receives active traffic in defined sequence.
- Flow Selection: Big Mon allows simplified, granular control of traffic delivery to each tool. L2-L4 filtering as well as deeper packet matching (DPM) ensures only traffic of interest is delivered to each tool, which boosts tool efficiency.
- Advanced Packet Handling: Big Mon Service Nodes can be introduced to inline tool chains for deep packet inspection via regex matching. Inline Service Nodes support tool interaction for rapid programming and response.
- Management Interfaces: The controller's rich, drag-and-drop graphical user interface offers analytics and alerting for real time traffic insight. REST APIs enable integration with security tools and security workflows for dynamic, actionable operations.
- Multi-tenancy: Big Mon supports multi-tenancy and monitoring as a service. Multiple groups and functions can share the fabric, while maintaining isolation and other policy-based access requirements.
- Fabric Resiliency: Big Mon's resilient 2-tier CLOS fabric design ensures continuous visibility and traffic deliver for all tools.
BigSecure -- A Dynamic Cyber-defense Architecture for Terabit Attack Mitigation
The volume, cadence and sophistication of cyber-attacks continues to increase rapidly, most recently witnessed in January when multiple UK banks experienced synchronized DDoS attacks that intermittently paralyzed banking services for two days. Last fall the massive, self-spreading Mirai malware, which comprised more than one hundred thousand internet-connected video cameras, to generate over 1 Terabit of DDoS attack to Domain Name Service (DNS) providers blocked dozens of high-profile, high traffic Internet domains for hours. As DDoS attacks become more rampant, it is mandatory for organizations to deploy cyber-defense mechanisms to protect against massively distributed attacks without breaking their security budget.
With BigSecure Architecture, web hosting and cloud computing providers can deploy a dynamic, high-performance, scale-out cyber-defense solution, at an economical price point. The solution enables existing security tools to leverage an externalized elastic attack mitigation infrastructure consisting of the underlying network and a pool of x86-based compute resources. Specifically, the BigSecure Architecture includes:
- Big Monitoring Fabric -- an SDN-based Inline fabric deployed at the data center edge or in the DMZ for connecting security tools and creating service chains; the Big Monitoring Fabric SDN controller supports programmatic operations through RESTful APIs for dynamic multi-system interactions, dynamic load balancing of tools and dynamic reconfiguration of security service chains.
- Big Monitoring Fabric Service Node -- a high performance (40G to 160G) Intel x86 DPDK-based service node, centrally controlled and managed by the Big Mon SDN Controller, for deep-packet and flow inspection and filtering based on whitelist/blacklist of signatures for the purpose of attack mitigation. With the aid of the Big Mon Controller, it can be dynamically inserted into security service chains to guarantee front-line attack mitigation. Multiple service nodes can be deployed in a scale-out manner for Terabit filtering and mitigation.
- NFV Tool Farm -- a pool of x86 compute resources available for hosting security tools in the form of virtual network functions (VNFs) in order to elastically scale them for Terabit attack mitigation. Big Monitoring Fabric programmatically augments service chains as well as load balances across a large set of tool VNFs.
- Security Tools -- 3rd party security tools (such as A10 Networks' Threat Protection System) that detect and mitigate sophisticated attacks, leverage L2-L7 attack mitigation capabilities of the high-speed SDN fabric, service nodes and NFV tool farm, and interact programmatically with the Big Mon controller for dynamic attack mitigation.
- Open Hardware -- industry-standard 10G/40G/100G Ethernet switches from Dell EMC and Edgecore Networks operating at multi-terabit bandwidth, centrally controlled and managed by the Big Monitoring Fabric controller; industry-standard x86 servers for SDN controllers, service nodes and NFV tool farm.
Once BigSecure Architecture is instantiated, a security tool detects high-bandwidth attack and interacts with the Big Monitoring Fabric Controller via programmatic APIs to redirect incoming traffic for elastic mitigation. Depending on the type of attack, the Big Mon Controller activates SDN fabric and compute resources for attack mitigation, reconfigures the service chain to redirect traffic to mitigation infrastructure, and load-balances traffic across a cluster of Big Mon service nodes and NFV tool farm for scale-out performance. The combination of SDN fabric, Big Mon service nodes and NFV tool farm performs Layer-7 scans of network traffic and blocks those packets/flows that contain attack signatures. With BigSecure, security teams are able to deploy dynamic cyber-defense architecture that provides elastic, Terabit-scale attack mitigation capability at an affordable price while continuing to leverage best-of-breed security tools.
In addition to Terabit-scale mitigation, BigSecure Architecture also exports flow telemetry (NetFlow, sFlow) of network traffic to anomaly-detection/traffic visibility systems, which provide the ability to detect, classify, and traceback a variety of attacks.
Integration with leading Technical Solution Partners
- A10 Networks and Big Switch have partnered to create an efficient, cost-optimized solution for DDoS attack detection across the entire data center. The solution is composed of A10 Networks' Thunder Threat Protection System (TPS) and Big Switch's Big Monitoring Fabric, which leverages open networking switches. The solution enables security administrators to monitor data-center wide traffic for sophisticated DDoS attacks and security breaches.
- ExtraHop and Big Switch Networks have partnered to deliver a scalable, cost-effective solution for all IT teams to gain deep visibility into network and application traffic. The joint solution combines ExtraHop's streaming analytics and proactive remediation capabilities with SDN controls from Big Monitoring Fabric, to offer unparalleled visibility into all network activity, and help customers gain optimal application experience and business efficiency.
- The collaboration between FireEye and Big Switch has enabled customers to achieve comprehensive, organization-wide threat protection. Big Switch's Big Monitoring Fabric with FireEye Threat Prevention Platform enables monitoring of any flow at any time while providing the benefits of zero-touch management and scale-out deployment. With Big Mon Inline solution and FireEye IPS deployed in the DMZ, customers can benefit from simplified, scalable and dynamically orchestrated service chains, all from a single pane of glass.
- Riverbed SteelCentral NetExpress network performance management platform and Big Monitoring Fabric together deliver an all-in-one pervasive network monitoring solution that combines flow as well as packet collection and analysis for the entire data center.
- Certified joint solution of Symantec SSL Visibility Appliance with Big Monitoring Fabric Inline through Symantec's ETM Ready Program (Encrypted Traffic Management) helps customers combat sophisticated attacks by addressing malware hiding in SSL traffic.
About Big Switch Networks
Big Switch Networks is the Next-Generation Data Center Networking Company. We disrupt the status quo of networking by designing intelligent, automated and flexible networks for our customers around the world. We do so by leveraging the principles of software-defined networking (SDN), coupled with a choice of industry-standard hardware. Big Switch Networks has two solutions: Big Monitoring Fabric, a Next-Generation Network Packet Broker, which enables pervasive security and monitoring of data center and cloud traffic for inline or out-of-band deployments and Big Cloud Fabric, the industry's first Next-Generation switching fabric that allows for choice of switching hardware for OpenStack, VMware, Container and Big Data use cases. Big Switch Networks is headquartered in Santa Clara, CA, with offices located in Tokyo, Sydney, London and Istanbul. For additional information, email firstname.lastname@example.org, follow @bigswitch, visit www.bigswitch.com or register for BSN Labs, a free, hands-on demo environment.
Source: Big Switch Networks