Brad Haizlett ISSCoastal Netronome SL-10000 Data Sheet

Improved Network Security and Compliance with
Unparalleled Access to the Plaintext of SSL Flows


The Netronome SSL Inspector™ is the industry’s highest-performance transparent proxy for Secure Sockets Layer (SSL) network communications, providing existing sniffing, recording and filtering security appliances with access to the decrypted plaintext of SSL-encrypted flows. This provides assurance that common threats, such as spam, spyware and viruses, data theft and other forms of cyber crime, are identified inside SSL flows that previously could not be examined by installed network and security appliances. Network appliance manufacturers now have a mechanism that gives their security applications visibility into both SSL and non-SSL network traffic and also increases their application performance.

Please contact Jennifer Shook to schedule a web presentation, evaluation or request pricing.

jennifer@isscoastal.com

main 724-768-7269

Published in: Technology

Transcript

  • 1. Netronome SSL Inspector™
    Transparent SSL Proxy Appliance

    Netronome’s SSL Inspector Appliance provides existing security appliances used for intrusion detection and prevention (IDS/IPS), forensics, compliance and data loss with access to the decrypted plaintext of SSL flows. This equips network appliance manufacturers with a mechanism to provide their security applications with visibility into both SSL and non-SSL network traffic and increase their applications’ performance to avoid becoming the cause of reduced network throughput. This also allows end-users to add SSL inspection capabilities to their network security architecture immediately to close the security loophole that SSL creates.

    Features and Benefits

    The unique capabilities of the Netronome SSL Inspector remove risks arising from lack of visibility into SSL traffic while also increasing the performance of security and network appliances.

    • Line-rate Network Performance:
      – Non-SSL flows will be sent to the attached security appliance(s) or cut-through in less than 40 microseconds, minimizing delay for applications, such as VoIP.
      – Supports decryption of up to 2 Gbps of SSL traffic for a variety of SSL versions and cipher suites.
    • Scalable Flow-based Processing: At up to 10 Gbps, the SSL Inspector supports the analysis of up to 3,000,000 simultaneous TCP flows.
    • High Connection Rate/Flow Count: The SSL Inspector supports 200,000 concurrently active SSL sessions that are being inspected. The setup and teardown rate of 5,000 SSL sessions per second is 10x higher than other solutions.
    • Network Transparency: Deploying the SSL Inspector is transparent to end systems and to intermediate network elements and does not require network reconfiguration, IP addressing or topology changes, or modification to client IP and Web browser configurations.
    • Application Preservation: Intercepted plaintext is delivered to security appliances as a generated TCP stream with the packet headers as they were received. This allows applications and appliances, such as IDS, IPS, forensics and data loss prevention, to expand their scope to provide benefits for SSL-encrypted traffic.
    • Input Aggregation: Allows aggregation of traffic from multiple network taps onto a single passive-tap segment for inspection.
    • Output Mirroring: Allows the SSL Inspector to feed traffic to up to two attached passive security appliances in addition to the primary security appliance.
    • Management: Command line tools and remote management API in addition to Web user interface.
    • High Availability: Integrated fail-to-wire/fail-to-open hardware and configurable link state monitoring and mirroring for guaranteed network availability and network security, including support for asymmetrically routed traffic.
    • FIPS 140-2 Level 2 Certification: Versions of the product that are certified to FIPS 140-2 Level 2 will be available.
    • Flexibility: Supports both passive and active appliances.
      – In-line and Tap modes of operation
      – Inbound and outbound SSL inspection
    • SSL Policy Enforcement: Provides a single point to control usage of SSL throughout the enterprise.
    • Web-based Management: The SSL Inspector is configured and managed via an SSL-secured web-based graphical user interface, keeping administration simple.
    • E-mail Alerting: Logs can be configured to trigger alerts that can be forwarded via email immediately or at intervals to designated network administrators.
    • SSL Session Identification: The session log provides details of all SSL flows, inspected or not, allowing suspicious trends or patterns of SSL use to be detected.

    The Flow Processing Company. For more information about other Netronome products, please visit netronome.com.

  • 2. [Figure: Transparently Decrypting SSL for Existing Applications (Active In-line). The SSL Inspector appliance sits as a bump in the wire between the web browser (SSL client) and the web servers (SSL server); the security application (example: intrusion prevention system) receives the plaintext in a regenerated TCP stream, with IP addresses unmodified.]

    [Figure: Transparently Decrypting SSL for Existing Applications (Passive Tap). The SSL Inspector appliance receives traffic from a network SPAN port/tap/mirror and delivers the plaintext in a regenerated TCP stream to an IDS “sniffing” application.]

    Multiple Segment Support

    Supports multiple in-line or tap segments that feed one or more active or passive attached appliances. Number of segments varies depending on model number. Support for multiple re-signing CAs, as well as server keys, allowing rules-based per-flow signatures and keys.

    [Figure: appliance ports labelled Network 1 In, Network 1 Out, Network 2 In, Network 2 Out.]

    Port Mirroring

    Decrypt once, feed many. Capable of sending copies out to many devices over the additional ports on the SSL Appliances. This allows you to feed all traffic (decrypted and non-SSL) to additional passive devices on the network.

    [Figure: Network In and Network Out ports feeding attached devices labelled Forensics / APM, In-line IPS, XPS, Compliance / IDS, and Malware.]

    SSL Inspector SI-10000 Appliance

    Performance
    • Total Throughput: 10 Gbps (line rate)
    • SSL Inspection Throughput: 2 Gbps
    • Cut-through Latency: <40µs
    • Concurrent SSL Flow States: 200,000
    • SSL Flow Setups/Teardowns: 9.500 per second
    • SSL Session Log Entries: 10,000,0000

    Specifications
    • Network Flow Engine: 1 x NFE-3240
    • Network Interfaces Configurations: 2, 4 or 6 x10 Gbps SR Fiber or 4, 8 or 12 x10/100/1000 Mbps Fiber or Copper
    • Hard Drive Size: 64 GB SSD Drive
    • Power Supplies: 2 x 650W
    • Management Interfaces: 2 x RJ45
    • Display LED: 16x2 Char. Display
    • MTBF: 30,000 hrs. min. at 25° C
    • Operating Temperature: 0°- 40°C
    • Storage Temperature: –10-70° C
    • Dimensions (in.) H x W x D: 1.75 x 17 x 27.75
    • Regulatory and Environmental Standards/Compliance: CE (EN55022, EN55024, EN60950), FCC part 15 class 2, CSA 22.2 #60950, UL65090-1
    • Modes of Operation (per network segment): Passive Tap, Passive In-line, Active Inline (Fail-to-wire), Active Inline (Fail-to-Appliance)
    • Proxying Modes (per network segment): Controlled-Client (Re-sign) Mode [In-line Only], Controlled-server (Known-key) Mode
    • Encryption: TLS 1.0, TLS1.1, SSL3, partial SSL2
    • Public Key Algorithms: RSA, DH
    • Symmetrical Key Algorithms: AES, 3DES, DES, RC4
    • Hashing Algorithms: MD5, SHA-1, SHA-2
    • RSA Keys: 512-8192 bits

    Netronome has operations in: USA (Pittsburgh [HQ], Santa Clara & Boston), UK (Cambridge), Malaysia (Penang), South Africa (Centurion) and China (Shenzhen, Hong Kong)

    info@netronome.com 877.638.7629 netronome.com

    Netronome is a registered trademark, and the Netronome Logo, “The Flow Processing Company” and the Netronome SSL Inspector Name and Logo are trademarks of Netronome Systems, Inc. All other trademarks are the property of their respective owners. © 2011 Netronome Systems, Inc. All rights reserved. Specifications are subject to change without notice. (1-12)