BigSecure architecture offers dynamic cyber defence

  • 7 years ago Posted in
Big Switch Networks has introduced significant updates to its SDN-based Big Monitoring Fabric™(Big Mon) product line. The company is introducing BigSecure Architecture, a dynamic, high-performance cyber-defence platform that enables Terabit attack mitigation. The company is also extending Pervasive Visibility use cases for cloud-native application traffic, which includes dynamic monitoring of VM, Containers and Public Cloud environments.
 
Big Switch will host a special launch webinar on Wednesday, December 14 at 10am PT (18:00 GMT). The webinar will highlight BigSecure Architecture, cloud-native application monitoring use cases and new features in Big Monitoring Fabric 6.0. To register: http://bit.ly/2gCgM8V.
 
“Our mission is to provide next-generation data centre networking solutions so that our customers can experience the true benefits of a software-defined data centre,” said Douglas Murray, CEO, Big Switch Networks. “With our introduction of BigSecure Architecture and cloud-native application monitoring, we are arming customers with next-generation data centre security and visibility solutions they need to defend their networks and monitor their cloud-based applications.”
 
Momentum
In January of 2016, Big Switch announced $48.5M in Series C funding, which included participation from existing and new investors and brings the company’s total funding to $94M. In the latest quarter, the company saw annual software subscriptions grow by more than 267% year-over-year and had multiple customer deals in excess of $1MM. Customers are located across North America, APAC and EMEA regions in more than 25 countries and are in verticals that include technology, financial services, government, media, telecom and higher education. Customers include: Verizon, the U.S. Federal Government, Intuit, Nomura Research Institute, American Fidelity, National Instruments, CleanSafeCloud, Digita Oy, 10 of the 15 largest telcos in the world, multiple global financial services firms, media companies, a Fortune 25 software company and a Fortune 5 oil & gas company.
 
BigSecure -- A Dynamic Cyber-defence Architecture for Terabit Attack Mitigation
The volume, cadence and sophistication of cyber-attacks is rapidly increasing on large organisations including cloud providers, service providers and software-as-a-service (SaaS) providers. Attackers have started to compromise tens of thousands of Internet of Things (IoT) devices to create armies of “botnets,” which collectively send large-scale malicious traffic to disrupt critical internet-based services. Recently, the self-spreading Mirai malware compromised over one hundred thousand internet-connected video cameras to generate over 1 Terabit of distributed denial of service (DDOS) attack to Domain Name Service (DNS) service provider, blocking multiple high-profile Internet domains for hours. It has become necessary for organisations to deploy cyber-defence mechanisms to protect against massively distributed attacks without breaking their security budget.
 
With Big Switch’s BigSecure Architecture organisations are able to deploy a dynamic, high-performance cyber-defence solution, at affordable price points. The solution enables existing security tools to leverage an externalised elastic attack mitigation infrastructure consisting of the underlying network and a pool of x86-based compute resources. Specifically, the BigSecure Architecture includes:
 
?     Big Monitoring Fabric -- an SDN-based inline fabric deployed at the data centre edge or in the DMZ for connecting security tools and creating service chains; the Big Monitoring Fabric SDN controller supports programmatic operations through RESTful APIs for dynamic multi-system interactions, dynamic load balancing of tools and dynamic reconfiguration of security service chain.
?     Big Monitoring Fabric Service Node -- a high performance (40G to 160G) Intel x86 DPDK-based service node, centrally controlled and managed by the Big Mon SDN Controller, for deep-packet and flow inspection and filtering based on whitelist/blacklist of signatures for the purpose of attack mitigation. With the aid of the Big Mon Controller, it can be dynamically inserted into security service chains to guarantee front-line attack mitigation. Multiple service nodes can be deployed in a scale-out manner for Terabit filtering and mitigation.
?     NFV Tool Farm -- a pool of x86 compute resources available for hosting security tools in the form of virtual network functions (VNFs) in order to elastically scale them for Terabit attack mitigation. Big Monitoring Fabric programmatically augments service chains as well as load balances across a large set of tool VNFs.
?     Security Tools -- 3rd party security tools (such as A10 Networks’ Threat Protection System) that detect and mitigate sophisticated attacks, leverage L2-L7 attack mitigation capabilities of the high-speed SDN fabric, service nodes and NFV tool farm, and interact programmatically with the Big Mon controller for dynamic attack mitigation.
?     Open Hardware -- industry-standard 10G/40G/100G Ethernet switches from Dell EMC and Edgecore Networks operating at multi-terabit bandwidth, centrally controlled and managed by the Big Monitoring Fabric controller; industry-standard x86 servers for SDN controllers, service nodes and NFV tool farm.
 
Once BigSecure Architecture is instantiated, a security tool detects a high-bandwidth attack and interacts with the Big Monitoring Fabric Controller via programmatic APIs to redirect incoming traffic for elastic mitigation. Depending on the type of attack, the Big Mon Controller activates SDN fabric and compute resources for attack mitigation, reconfigures the service chain to redirect traffic to mitigation infrastructure, and load-balances traffic across a cluster of Big Mon service nodes and NFV tool farm for scale-out performance. The combination of SDN fabric, Big Mon service nodes and NFV tool farm performs Layer-7 scans of network traffic and blocks those packets/flows that contain attack signatures. With BigSecure, security teams are able to deploy dynamic cyber-defence architecture that provides elastic, Terabit-scale attack mitigation capability at an affordable price while continuing to leverage best-of-breed security tools.
 
In addition to Terabit-scale mitigation, BigSecure Architecture also exports flow telemetry (NetFlow, sFlow) of network traffic to anomaly-detection/traffic visibility systems, which provide the ability to detect, classify, and traceback a variety of attacks.
 
Cloud-Native Application Monitoring
The rise of cloud-native applications, in the form of virtual machines (VMs) and containers has driven up east-west traffic within the data centre, leading to tremendous visibility and security challenges. When applications are deployed in public clouds, consistent architecture for application traffic visibility becomes necessary.
 
Big Switch pioneered the “monitor every rack” use case for comprehensive east-west traffic monitoring of bare-metal and VM traffic at affordable price points. With this release, Big Switch introduces new capabilities in Big Monitoring Fabric, leveraging programmatic interactions, to enable pervasive visibility and security of any workload, anywhere. Specifically:
?     Dynamic VM Monitoring -- VM-to-VM traffic visibility in VMware environments by leveraging programmatic interactions between Big Monitoring Fabric controller and VMware vSphere VMs; this alleviates the need for a special monitoring VM in every vSphere host which introduces operational complexities across virtualisation and security teams, adds cost and reduces server performance.
?     Container Monitoring -- Container-to-container traffic visibility when deployed on bare-metal hosts or within VMware vSphere VMs.
?     Public Cloud Monitoring -- Traffic visibility for workloads deployed in public cloud, such as Amazon Web Services (AWS).
 
Big Monitoring Fabric Release 6.0
Big Monitoring Fabric is a next-generation network packet broker (NPB) that leverages SDN principles, Open Networking switches and a high-performance x86-based DPDK service node to provide feature-rich, scale-out data centre monitoring at up to 50% lower cost than traditional NPBs. Big Monitoring Fabric supports 1G, 10G, 40G and 100G for the most demanding and high volume network monitoring and security environments. Customer use cases for Big Monitoring Fabric include: monitor every rack, monitor every location, monitor mobile/LTE networks and DMZ/Extranet Inline security. Big Monitoring Fabric Release 6.0 includes:
 
?     160G Service Node
?     NetFlow generation service
?     Packet masking service
?     Header decapsulation service
?     Analytics 2.0 with top users, top apps, triggers and custom reports
?     Support for Dell EMC open networking switches: Z9100-ON (32x100G), S6100-ON (64x40G), S6010-ON (32x40G), S4048-ON (42x10G + 6x40G) and S4048T-ON (48x10GbT + 6x40G)
?     Support for Edgecore Networks open networking switches: AS7712-32X (32x100G), AS6812-32X (32x40G), AS5812-54X (48x10G + 6x40G), AS5812-54T (48x10GT + 6x40G)
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...