cognitix Threat Defender is a next generation firewall incorporated into a layer 2 device. This new approach makes the firewall a part of the very fabric of the network. Threat Defender is invisible, or transparent, to the network. It acts as a “bump in the wire” with no perceptible effect on throughput or latency. The device is inserted in the cable between existing devices at any point within the network. It still has access to the layer 7 classification, IPS, URL classification, inline real-time correlation and enhanced reporting capabilities on all, or only targeted, segments of the network. Working on layer 2 within the network, Threat Defender delivers the required and focused response immediately and directly to the identified devices.


Benefits


Introducing security within a network often comes at a cost because it adds complexity to the communication system. This complexity reduces flexibility, stifles migration, inhibits virtualization, throttles performance, increases costs and raises the risk of configuration errors.

The cognitix approach avoids adding an extra layer of complexity to the communication system and keeps the network topology as flat as possible.

The transparency on layer 2 allows Threat Defender to be inserted throughout the network, not just at the network segment interfaces. Security is added as an overlay network, separating the network topology from security relationships. This flexibility mitigates the need to constantly create or modify network segmentation to reflect changing security requirements. The ability to place Threat Defender at each source of communication is the equivalent of a security level with a network segmented for each individual device. cognitix accomplishes this without the need to change the existing network configuration.

The freedom that transparency offers in placing the devices anywhere within the network increases the granularity of the security instructions. Targeting specific devices with specific rules eliminates the risk of collateral damage. There is no need to “throw the baby out with the bathwater” to stop compromised devices on the same layer 2 network from accessing other devices on the same network. The conventional solution to avoid this problem is to add complex features to switches, such as VLANs. This comes at the cost of also blocking legitimate traffic between devices. A more elegant solution allows hosts to communicate with each other freely, while ensuring that their access can be automatically monitored and automatically restricted using context policies on layer 7. This is implemented on layer 2 to solely target the identified devices and activities.


Related Topics:

  • Dynamic network objects rely on access to all the devices in the network to target and describe the connection between the individual devices.

  • Activity-based rules need to identify all the communication activities between the devices in the network regardless of the segment location.

