Extending Your Network Security to AWS

Thursday, November 1, 2018

Business and government IT workloads are rapidly transitioning from premises-based data centers to cloud service providers (CSPs).  But challenges arise when CSP compute instances are unable to route network traffic at the speeds required by high-powered threat detection and data loss prevention solutions. In a world where cyber attackers will exploit the slightest weakness for activist, financial, or nation-state gain, traffic inspection speed is vital.

The challenge though, is that to effectively inspect traffic, it must first be presented to inspection engines without bandwidth or latency constraints. That’s why today, we are thrilled to announce an integrated solution developed in partnership with Netgate®.

The solution combines Netgate® TNSR™ with Fidelis Network® sensors to enable advanced visibility, threat detection, and data loss/theft detection for applications and data hosted within Amazon Web Services (AWS).

Netgate’s TNSR Secure Networking Software Platform provides a high-speed network mirror port which directs packet traffic to a Fidelis Network sensor running in AWS that then provides deep visibility across all traffic, ports, and protocols; threat detection and response; and data loss prevention. As a result, with TNSR, the full power of Fidelis Network can be deployed within the AWS cloud without performance limitations.

With the integrated solution, customers can quickly deploy cloud network traffic analysis for north-south and eastwest communications of AWS cloud VMs deploying TNSR for high performance traffic mirroring. Communications use GRE tunnels between AWS Virtual Private Clouds (VPCs) to send mirrored interface VM cloud traffic by TNSR to Fidelis Network within its own VPC for analysis to prevent, detect, investigate and respond to threats and data theft/loss.

Our solutions support government, service provider, and large enterprise security needs where tens of gigabits per second of network traffic must be routinely and reliably examined for cyber threats. The sensors perform seamlessly, regardless of where the inspection point is located.

- Tim Roddy
Vice President, Product Strategy