Nowadays cyber threats have evolved to be highly sophisticated and often bypassed traditional malware detection through advanced masking and hiding of malicious intent. In order to mitigate such vulnerability, there is an increasing number of enterprises adopting sandboxing approach.
Sandbox is deployed in an isolated or restricted networking environment separated from the main compute, memory and storage. Sandbox is often used to run unverified programs or codes as an experiment to detect sophisticated malware such as Zero-day, ransomware and other data breach techniques, without risking the main compute and networking resources.
A global leading NGFW solution provider worked with Lanner to develop enterprise-grade NGFW (next-generation firewall) and sandboxing solution to enable real-time breach detection and prevention for their research labs. The joint solution is deployed to protect emails, applications and data. The chosen hardware platform from Lanner meets the following requirements:
High Speed Switching Capabilities
To meet the traffic processing demands for carrier-grade network management, Lanner’s HTCA series leverages the latest packet processors to offer 40/100GbE high speed throughputs with capacity up to 1.2Tbps.
Multiple Intel Xeon Compute Blades
In order to offer extreme performance and processing power, HTCA-series appliances can host up to 6 CPU blades, supporting up to 12 Intel® Xeon® processor E5-2600 Series CPUs with a maximum of 264 cores
NEBS Compliant, Fully Redundant Design
All CPU blades, networking I/O blades, cooling fans and power supply units are in full-redundancy design to ensure carrier-grade high-availability and 99.9999% uptimes
PCI-Express and Storage Options
To meet the requirements for open compute architecture, Lanner appliances can support up to 6 3.5” or 12 2.5" HDD/SSD storage drives and 6 PCIe slots for expansion with acceleration cards
Today SSL inspection has higher requirements for firewall services against advanced cyber attacks. Therefore, the joint solution shall be powered by cryptographic acceleration and compression technologies, such as public key cryptography, AES, and Intel QuickAssist.
Sandboxing and Advanced Malware Detection
A sandboxing device is deployed with multiple scanning technologies towards packets in the network traffic, such as reputation vetting, built-in anti-malware scanning and Scalable Advanced Malware Detection service. The more precise the analytical technology is, the more reliable the sandbox can be in uncovering the behavior of files and blocking malicious code. Organizations have the flexibility of choosing a cloud-based or on-premise version to best suit their operational needs.
UEBA (User and Entity Behavior Analytics)
User and Entity Behavior Analytics (UEBA) technology first records the normal conduct of users, and then alert abnormal behaviors when there are traffic patterns different from the normal. UEBA is an effective approach to detect potential threats from inside the organizations.
In this collaboration, Lanner presented its HTCA-6000 series hardware solutions. The HTCA-6000 series delivers high-processing performance to run threat protection such as UEBA, cryptographic engines and SSL inspection to meet the required SSL for large enterprises and service providers. HTCA-6000 series are optimized with deployment agility in various environments including enterprise/cloud edge, in the data center core or internal segments. The multiple high-speed interfaces, high-port density, superior security efficacy and high throughput of Lanner’s HTCA-6000 series enable your network to stay connected and secure.
On the other hand, HTCA-6000 series hardware is expandable through our exclusive switch blades like HLM-1030, which provides 6x 100GbE QSFP28, 4x 40GbE QSFP+ and 16x 10GbE SFP+ fabric interface. It adopts Broadcom StrataXGS Tomahawk BCM56960 switch controller. HLM-1030 provides Lanner HTCA-6000 Series with 100/40/10 GbE fabric connectivity.