Net Optics Confidential and Proprietary 1 Bypass Switches Intelligent Access and Monitoring Architecture Solutions.

Presentation transcript:

Net Optics Confidential and Proprietary 1 Bypass Switches Intelligent Access and Monitoring Architecture Solutions

Network Security Trends
Threats
– Intrusions escalating in sophistication, severity, and frequency
– Malware and spam proliferating
– Insider attack vectors growing
Responses
– IPS systems
– Firewalls
– DLP systems
– UTM systems

The Security Monitoring Access Challenge
Deploy today’s sophisticated security and compliance monitoring tools in-line in the network while minimizing the risk of downtime.
(Diagram labels: IPS, DLP, WAF, DAM, APM, NGF)

The Bypass Switch Solution
Bypass switches provide fail-safe ports for in-line security devices. When security devices fail, the Bypass switch can automatically restore connectivity by bypassing the security devices.
– Provides peace of mind when deploying new technology in-line
– Protects against power, link, and application failure
– Flexibility for testing, upgrades, and moves
– Fully passive: when the Bypass Switch loses power, the link is still up
(Diagram: Normal Operation (Bypass Off))

Key Features
– Supports speeds from 10Mbps to 10Gbps
– Bypass switch configurations:
  o Basic - 4 Ports
  o High Density – up to 32 Ports
– Heartbeat and Link Fault detection
  o Identify application failure
  o Identify device failure
  o Detect link anomalies
– RMON statistics
– Remote management via CLI and Web GUI (on select models)

Bypass Switch Interface
(Image: 10GigaBit iBypass Switch)

Bypass Function Triggers
– Loss of link between Bypass Switch and tool
  o Tool maintenance or redeployment
– Power loss to the Bypass Switch
– Heartbeat failure
  o Power loss to the tool
  o Tool dropping packets due to oversubscription
  o Tool processing packets too slowly
  o Tool software hung
  o Tool hardware failure
– Supports Fail Open and Fail Closed

Fail Open vs. Fail Closed
Bypass switches provide fail-safe ports for in-line security devices
(Diagrams: IPS Failure (Bypass On – Fail OPEN); IPS Failure (Bypass On – Fail CLOSED))

The Need for High Availability Monitoring
If Bypass Switch fails OPEN to traffic, can you tolerate passing traffic without monitoring while a tool is down?
– Intrusions and other attacks
– Data loss
– Compliance issues
If Bypass Switch fails CLOSED to traffic, can you tolerate link down while a tool is down?
– Loss of mission-critical applications
– Customers cannot be serviced
– $$$$$ impact

Tap Mode While Bypassing
Bypass Switch acts as a full-duplex breakout Tap while in Bypass ON mode (can be set via trigger or manually)
– Use IPS as IDS to test new signature sets
– Use as Tap when you don’t need a Bypass Switch
(Diagram labels: Fiber, Copper, half-duplex mirrored traffic)

Redundant Tools Protect Against Tool Failure
– Traffic flows through primary IPS
– If primary IPS fails, traffic is routed through backup IPS
– When primary IPS recovers, traffic returns to it
– If both IPSs fail, traffic is passed directly through the link
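The heartbeat trigger, the fail-open/fail-closed choice and the primary/backup tool failover described on the slides above can be modelled as a small state machine. This is an added example, not Net Optics code or firmware behaviour; the three-miss threshold, the immediate return to the primary on the first good heartbeat, and all names are assumptions.

```python
from dataclasses import dataclass
from enum import Enum

class FailMode(Enum):
    OPEN = "open"      # both tools down: link keeps passing traffic, uninspected
    CLOSED = "closed"  # both tools down: link is taken down

class Path(Enum):
    PRIMARY = "primary IPS"
    BACKUP = "backup IPS"
    BYPASS = "bypass, traffic uninspected"
    DOWN = "link down"

@dataclass
class ToolPort:
    miss_limit: int = 3   # assumed: consecutive lost heartbeats before failure
    missed: int = 0
    link_up: bool = True

    def tick(self, heartbeat_returned: bool) -> None:
        # A returned heartbeat clears the counter (assumed recovery rule).
        self.missed = 0 if heartbeat_returned else self.missed + 1

    @property
    def healthy(self) -> bool:
        return self.link_up and self.missed < self.miss_limit

def select_path(primary: ToolPort, backup: ToolPort, mode: FailMode) -> Path:
    if primary.healthy:
        return Path.PRIMARY
    if backup.healthy:
        return Path.BACKUP
    return Path.BYPASS if mode is FailMode.OPEN else Path.DOWN

def replay(events, mode: FailMode, miss_limit: int = 3):
    """events: one (primary_heartbeat_ok, backup_heartbeat_ok) pair per interval."""
    primary, backup = ToolPort(miss_limit), ToolPort(miss_limit)
    paths = []
    for p_ok, b_ok in events:
        primary.tick(p_ok)
        backup.tick(b_ok)
        paths.append(select_path(primary, backup, mode))
    return paths

def uninspected_intervals(paths) -> int:
    # Intervals a monitoring team would want alerted: traffic flowed unseen.
    return sum(1 for p in paths if p is Path.BYPASS)

# Constructed timeline: primary stops answering, then backup, then primary recovers.
SAMPLE_EVENTS = [(True, True), (False, True), (False, True), (False, True),
                 (False, False), (False, False), (False, False), (True, False)]

if __name__ == "__main__":
    for mode in FailMode:
        print(mode.name, [p.name for p in replay(SAMPLE_EVENTS, mode)])
```

Replaying the same timeline in both modes shows the trade-off: fail open yields an interval of uninspected traffic, fail closed yields an interval of link outage.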

Redundant Links Protect Against Link Failure
– Traffic flows through the primary link and the IPS
– If the primary link fails, traffic from the backup link is routed through the IPS
– When primary link recovers, its traffic returns to the IPS
– The link traffic that is not being routed through the IPS is open to traffic flow
– Fault mirroring across the links is required so both endpoints are aware of any fault

Redundant Tools and Links Together
– Traffic flows through primary link and primary IPS
– If primary IPS fails, traffic from the active link is routed through backup IPS
– If the primary link fails, traffic from the backup link is routed through the active IPS

iBypass HD – Redundant Links & Tools
Net Optics iBypass HD — High Density, eight Bypass Switches in a 1U appliance
– Four Dual Bypass Modules (DBMs)
  o Configure DBM as two independent Bypass Switches
  o Configure DBM as a single HA Bypass Switch with Tool redundancy and/or Link redundancy
  o Configure as a Bypass Switch plus a Tap

iBypass HD Features
– Manual (forced) Bypass On mode – Take tool offline immediately in case of emergency
– Acts as a Tap when traffic is bypassing the tool – Test signature set out in IDS mode
– Dual Heartbeat packets check both directions of data flow
– Link Fault Detection (LFD) — fault mirroring across Link
– Bypass Detection — signals tool that bypass is engaged
– Fail-open and fail-closed modes
– Remote monitoring (RMON) traffic statistics
– RADIUS and TACACS+ authentication and authorization
– Dual hot-swappable AC or DC redundant power supplies
(Diagram labels: Fiber, Copper)

Summary - Bypass Switch Benefits
– Protects links with IPSs and other in-line security monitoring tools against
  o Power failure (IPS or bypass switch)
  o Tool failure (hardware, software hangs or slowdowns)
– Increases solution reliability by independently checking the IPS and supporting High Availability (HA) network architectures
– Provides capability to take tools offline instantly when problems occur
– Provides flexibility to remove IPSs without interrupting link traffic; also flexibility to use as Taps
– Increases traffic visibility with RMON traffic statistics and remote manageability
(Image: 10GigaBit iBypass Switch)

Net Optics, Inc
Thank You!