Layer 2 Firewalling

Only protecting a network at the outer perimeter is no longer sufficient. Protection also needs to be implemented inside the network. Taken to its logical conclusion, each device would have to get its own segment with a perimeter firewall. Some next-generation firewalls provide this functionality using a concept of zones. Each zone has its own IP network and can be used for only one device. This is an administrative overhead that is not feasible for a number of practical reasons. The reason for this approach is that current firewalls are implemented as layer 3 devices, basically as routers with an integrated firewall.

Cognitix has taken a different approach and has incorporated the next-generation firewall into a layer 2 device. The Cognitix Threat Defender can be installed at any point within the network. It can use the layer 7 classification, IPS, URL classification, Data Leak Prevention, inline real-time correlation and enhanced reporting capabilities on all, or only certain, segments of the network. Essentially, the firewall is inserted in the cable between your devices. Cognitix has made the firewall a part of the very fabric of the network.

By building a layer 2 next-generation firewall, Cognitix has also fixed one of the major problems facing administrators today. It is currently difficult to stop compromised devices on the same layer 2 network from accessing other devices on the same network without restrictions. Some administrators solve this problem by adding complex features to their switches, such as “Private VLANs”. This will unfortunately block legitimate traffic between devices. A more elegant solution allows hosts to communicate with each other freely, while ensuring that their access can be automatically monitored and automatically restricted based on layer 7 contextual policies.

The Cognitix Threat Defender can act either as a simple connection between two devices or as a switch between several devices. This depends on the number of network interfaces of the server on which the Threat Defender has been installed, as shown in the graphic.

By installing the Cognitix Threat Defender on a port-dense server you can use it as a “security aware layer 2 switch”. It does not have the limitations of “Private VLANs”, and administrators are able to block only the risky and specific connections between hosts in the layer 2 network. This allows administrators to use all the next-generation firewalling capabilities, the network segmentation, the inline real-time correlation and the enhanced reporting for all traffic between all devices in the network.
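To make the difference between blanket port isolation and selective layer 2 filtering concrete, here is an added illustration using a plain Linux bridge and an nftables `bridge` family ruleset. It is not Cognitix's code and says nothing about how the Threat Defender is implemented; the bridge name `br0`, the ports `eth1`/`eth2`, the two hosts `192.168.1.10` and `192.168.1.20` and the choice of SMB (TCP 445) as the "risky" connection are all constructed for this example.

```nft
# Added illustration (not Cognitix's code): a Linux bridge acting as a
# transparent layer 2 segment, filtered with an nftables 'bridge' family table.
# Assumed layout (constructed): bridge br0 with ports eth1 and eth2; a
# workstation 192.168.1.10 and a file server 192.168.1.20 share one /24.
# The bridge carries no IP address, so the hosts see no router in the path.
flush ruleset

table bridge filter {
    chain forward {
        # Frames crossing between bridge ports pass this hook. Default accept
        # keeps hosts talking to each other freely, unlike a private VLAN
        # isolated port, which would cut off all of the peer traffic.
        type filter hook forward priority 0; policy accept;

        # Keep the layer 2 plumbing intact: ARP must flow unhindered.
        ether type arp accept

        # Selective policy: only SMB originating from the workstation is
        # dropped (and counted/logged for detection); every other flow between
        # the same two hosts remains permitted.
        ip saddr 192.168.1.10 tcp dport 445 counter log prefix "l2-smb-block " drop
    }
}
```

Load it with `nft -f <file>` on a host where `br0` has been created (for example with `ip link add br0 type bridge` and `ip link set eth1 master br0`, likewise for `eth2`), then watch the `counter` and the kernel log to confirm that only the singled-out connection is affected while the rest of the segment is untouched.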

Adding security with the Cognitix Threat Defender is as easy as adding a switch between your devices.