Overview

Foundry's IDS/IPS solutions can be deployed wherever there are strategic assets to be secured in the network. This can be at the perimeter, in the datacenter, at the core and aggregation, and even at the edge of the network, where traditionally solving the security problem has been costly and difficult to operate. The secret behind Foundry's cost-effective edge based solutions are our embedded support for sFlow technology.  Embedded sFlow allows all of our products to stream packet data back to IDS/IPS systems for detailed packet inspection and analysis. This is done without impacting the wire-speed performance of our switches and routers.

Foundry IronView Network Manager Open Source IDS/IPS Solutions

The Foundry IronView Network Manager (INM) can now interface with a variety of open source IDS solutions to detect and then perform network remediation to protect from malicious or accidental network asset attacks. Foundry switches and routers can be easily configured as sensors to capture packets through our embedded sFlow capability and send them back to INM, which acts as an sFlow collector. INM then converts the sFlow data to pcap format, which is understood by a variety of open source products. Each of these products can provide valuable tools to detect and defend against network attacks.

Using open source IDS/IPS products can provide a comprehensive set of signature rules and detection mechanisms through a complex pattern matching algorithm. When a signature is detected, an event will be activated back through INM, which can trigger a manual or automatic remediation event to stop the network attack. With sFlow, INM, and open source IDS/IPS solutions, IT and security managers now have a cost effective solution for detecting and preventing network attacks, even at the edge of the network.

With INM's support for pcap conversion, other open source software solutions, such as ARPWatch and Ethereal can be supported. ARPWatch can help to identity and defend against man-in-the-middle attacks network-wide. Ethereal is an ideal tool to enable deep packet inspection and packet analysis from a central location.

Foundry SecureIron Traffic Manager Family of Products

The Foundry Networks® SecureIron™ traffic managers deliver high-performance Layer 2 through 7 switching and security, enabling organizations to achieve a highly secure and scalable network and application infrastructure. These security traffic managers are designed to protect against network- and application-layer threats network wide—at the network perimeter, inside the data center, and within the enterprise LAN. The SecureIron traffic managers are specially built for inline networkwide deployment to provide perimeter-like security enforcement inside the LAN against threats within the enterprise network. The SecureIron traffic manager family comprises two performance models: SecureIron 100 and SecureIron 300. Foundry's SecureWorks™ software suite powers the SecureIron, protecting the network and applications against high-speed attacks.

sFlow Based Zero-Day Anomaly Solutions

Foundry's security alliance partners provide baselining and Zero-Day anomaly detection with their best-of-breed products. These product acts as sFlow collectors; taking the sFlow packets received from the Foundry switches and routers, baselining the network, and using the network data to determine any accidental or malicious anomalies in the network. This solution works in conjunction with Foundry's other security solutions to defend against unknown attacks in the network.

Back to top

Related Products

Foundry Networks provides a range of security solutions and partners that assist customers in building highly secure networking environments. These security solutions revolve around our award winning L2-3 switches and routers, wireless access points and switches, L4-7 traffic management solutions, and our L2-7 security products.

View all products

Back to top

Literature

White Papers

• Foundry IronShield 360 Security (PDF 1M)
• Foundry Networks Deploys StealthWatch (PDF 302K)
• Foundry & Lancope Solutions Guide (PDF 723K)
• Benefits of Flow Analysis Using sFlow (PDF 125K)

Back to top