Cubro Bypass Switches provide a fail-safe access port for an in-line active security appliance such as an intrusion prevention system (IPS), next-generation firewall (NGFW), etc.
Cubro Bypass Switches are deployed between network devices and in front of security tools, providing a reliable separation point between the network and security layers. They lead to the comprehensive support of network and security tools without the risk of network interruptions. Bypass Switches enable multiple security tools to process traffic from a single network link.
Advantages of using Cubro external bypass switch:
- Keeps network traffic flowing when the in-line appliance fails.
- Allows the in-line appliance to be removed or serviced without impacting network traffic. For example, an IPS can be taken offline for upgrades, maintenance or troubleshooting.
- In-line appliance can be moved from one network segment to another without impacting network traffic.
Bypass Application: Security Function
The illustration shows the security function of a bypass with a network packet broker. The EX12 network packet broker offers 12000 filter rules. These rules can be used to block unwanted traffic by hardware filters, based on blacklists, for example by country. The EX12 is immune against DDoS attacks because there is no software stack. The Packetmaster can also serve a bandwidth meter function that can limit incoming traffic to protect the firewall.
The last software upgrade gives every Cubro Packetmaster the ability to work as a bypass switch with heartbeat functionality. The Cubro Bypass solution supports data rates from 1 to 100 Gbit.
- Multilink support
- Multiple heartbeats for multiple service testing options
- Input-output traffic compare option
- Monitoring support
- Switch to spare support
- Packet broker and bypass in one unit support
- Security feature DDoS protection