Background
Today’s enterprises are highly driven by cloud computing, cloud storage and mobile services in order to stay competitive in the market. However, this attracts more and more advanced cyber attacks to get through the network protocols. According to official reports, around 80% of organizations have experienced data breaches, no matter the scale and size of the institutes. In other words, even small and medium sized organizations are also at risks. In fact, the issue is occurring more frequently as more and more companies and government offices are targeted for spear phishing, malware, ransomware and other types of hacks.
The reason behind the rising number of attacks lies in the technological aspect. Attackers today are highly familiar with the mainstream security systems so that they can hide themselves while attempting to penetrate the weaknesses of the websites or other network protocols such as FTP, SMTP mail server and HTTP. In fact, they know how to get through traditional network-based signature authentications and avoid the alert mechanism to prepare for cyber attacks. It can be practically concluded that current cyber attacks could be more sophisticated than mainstream security measures.
Requirements
As discussed, mainstream security measures appear alike in most aspects and thus hackers can get through without much hassle. To defend cyber threats, this requires higher complexity in threat prevention which needs a next-generation hardware platform to perform sophisticated virtual mechanisms in order to defend against giant volumes of breaches and malicious wares.
Experts suggest that today’s threat preventions must look into the following aspects:
- Protocol coverage: HTTP, SMTP, FTP and more
- Network and capacity analysis: 1/10/40 GbE LAN
- Sandbox: the virtual test ground to detect whether the incoming packet is a virus or malicious ware
- Physical location detection: inspect all connections from both the internal (like headquarters) or the external (from mobile devices)
- Virtual software tools: filtering, reputation-inspection, authentication, deep packet inspection, endpoint inspection, payload check and other suspicious behavior detection
In order to fulfill the duties and tasks above without hiccups, it must bring in high-performance, next-generation hardware platforms to perform web application firewall, IPS, application delivery control (ADP), anti-virus and ransomware/malware prevention. The platform must offer the following technological advancements:
- Ultra-computing performances to conduct all the tasks and duties
- High-flexibility for modular designs if scalability is needed
- Network bandwidth: as high as possible
- Reliability: redundant power supplies and replaceable cooling fans as the appliances will be put into work on a 24/7 basis.
Lanner’s Solutions
According to successful cases in the market, most of the well-defended, well-structured advanced threat preventions require two hardware platforms. Therefore, Lanner’s FW-8896 and NCA-5210 are the appliances for the work, both designed with ultra-computing power, high flexibility, high network bandwidth and high reliability.
FW-8896 is driven by Intel Haswell-EP Xeon E5-2600 v3 CPUs and is pin-to-pin compatible to Intel’s latest server-oriented Broadwell-EP platform. The seamless scalability will enhance performance, core counts and memory efficiency. In fact, the 2U FW-8896 is designed in dual Intel Haswell-EP/Broadwell-EP CPUs to deliver optimized computing power. To interconnect the dual CPUs, FW-8896 is incorporated with Intel QPI links up to 9.6 GT/s to keep latency down to minimal even during heavy workloads.
FW-8896 supports up to 40 GbE LAN connectivity, if compatible NIC modules are installed. In fact, FW-8896 offers up to 8 NIC module spaces for expansion and scalability to enhance the network bandwidth.
Regarding crypto accelerations, FW-8896 comes with Intel QuickAssist, a hardware accelerator to boost encryption processes. Once certain NIC module is installed, FW-8896 will definitely be the optimal secured appliances for enterprise virtual networks.
As a high-reliability and high-availability appliance, FW-8896 supports redundant power supplies and cooling fans so that it can remain operable 24/7.
Another hardware solution is Lanner’s NCA-5210. The new 1U ultra-powerful network appliance is driven by 6th generation Intel Core 14nm CPU (codenamed Skylake). The new architecture supports Intel® Core™ i7-6700, i5-6500 or Xeon E3-1200 v5 Series processor, DDR4 memory support and the I/O boosting, comprehensive Intel® C236 series chipset, and flexible LAN configurations.
In 1U form factor, NCA-5210 supports 8 or 12 RJ-45 GbE ports and optionally 4 SFP LAN ports, as well as 4 NIC module spaces up to 40 GbE LAN if compatible modules are installed. In addition, NCA-5210 is programmed with our latest LAN Bypass mechanism to ensure network reliability.
Both FW-8896 and NCA-5210 are optimal hardware solutions for next generation threat preventions. It is highly dependent on the network managers or protocol owners to decide which one functions as the firewall, while the other performs the ADC (application delivery control).