Force10 Networks Chief Security Scientist Explores Changing Requirements

To effectively protect the high speed WAN edge requires a different type of security appliance that can provide visibility into traffic as well as filter traffic at 10 Gigabit speeds, Force10 Networks Chief Security Scientist Livio Ricciulli said today at the ESCC/Internet2 Joint Techs Workshop. “With the growth in 10 Gigabit Ethernet adoption, security appliances designed for Gigabit Ethernet, or even slower networks, can no longer keep up, leaving the network edge open to security breaches,” continued Ricciulli. “To ensure security at the frontline of high speed networks, the flexibility to set and order rules as demanded by the network or traffic composition is essential to ensuring security without compromising performance.” Traditional security appliances have been defined by a rigid rule ordering logic that has prevented network operators from tailoring them to meet their needs. At higher speeds, security appliances must embrace a greater degree of flexibility that lets network operators choose between policy control, ordered rules or summed outcomes. “While flexibility is critical to providing security at 10 Gigabit speeds, the increasing sophistication of attacks is creating a requirement for greater transparency at the network edge,” Riciulli said. “A security appliance in a high speed network must look and operate almost as if invisible to the network while providing deep packet inspection from Layer 2 through Layer 7 to eliminate unwanted, harmful traffic.” Force10 recently introduced the P-Series family of security appliances, which is the industry’s first to inspect, monitor and protect the network at line-rate 10 Gigabit speeds. Based on a patented architecture that is optimized for high speed monitoring and traffic capture, the Force10 P-Series supports unprecedented deep packet inspection scalability, ensuring the highest level of security without compromising network performance.