<img src="https://secure.leadforensics.com/97241.png" style="display:none;">

Bypass Technology

Maintain your network's performance

Without maintaining your network monitoring and security performance, your speed, cost and efficiency will be compromised. Bypass TAPs are reliable and easy-to-use solutions to ensure your network is performing well, 365 days a year.

What is a Bypass TAP?

A bypass TAP, sometimes referred to as a Bypass Switch, has consistent heartbeats that are sent to an inline security appliance. These heartbeats indicate the functionality of the security appliance: regular beats mean the bypass TAP is functioning well. If the beats are not returned to the bypass TAP (see below) the TAP automatically bypasses the appliance to allow the packets to be sent through, no matter how high the traffic is. It is also able to detect the status of the appliance, so when it comes back online, this is detected by the TAP and traffic is once again directed through the appliance.​

When an IPS or other Inline Appliance is installed behind a V-Line™ TAP, the TAP continually checks the status of the appliance and if it is online, will direct traffic through it. If the appliance goes for maintenance or update, or for any such reason, the TAP will automatically bypass the appliance and direct traffic straight through to the network.

DATA SHEET

  • b2d9c5_82859dfe347541ddaace5d141b2d858d~mv2
  • b2d9c5_bea2d196af304cc098cf444040088779~mv2

How does the TAP detect if the appliance is online?

  1. Heartbeat packets are injected into the traffic stream and directed to the monitoring device
  2. If the heartbeat packets are not detected, when the traffic is passed back through the V-Line™ TAP on their way back to the network, the TAP enters Bypass mode and bypasses the appliance
  3. Heartbeats are configurable for maximum flexibility and Heartbeat packets are NEVER sent on to the live network

Network Critical: Bypass TAP

This reliable and easy-to-use technology allows you to have confidence in maintaining your network security and performance because our TAPs have failsafe technology and support inline security tools, such as advanced threat protection (ATP), intrusion prevention systems (IPS) and web application firewalls (WAF). Therefore, the Network Critical Inline Bypass is the first layer of defence needed to protect your network against attacks.

The Network Critical Inline bypass TAP solution enables our customers to:

  • Keep pace with increasing network traffic volumes by enhancing inline security tool performance
  • Remove single points of failure by providing multiple layers of resiliency
  • Packet filter
  • Share traffic with passive tools as well as the IPS
DATA SHEET

This mode allows a bidirectional flow of live network traffic to be passed through a single Inline tool. The tool throughput status is monitored via heartbeat packets. While heartbeat flow is present the tool is considered active and network traffic is sent to it for inspection.

V-Line Single Tool Bypass: InActive

When heartbeat flow is blocked, due to link failure or throughput latency, the tool is considered inactive, and is bypassed. Live network traffic continues to pass uninterrupted across the TAP, and the tool continues to be monitored by heartbeats. When heartbeat flow is restored the tool is considered active again and is placed back inline.

Breakout/Aggregation TAP Mode

If V-Line functionality is not required, the module also offers some basic breakout and aggregation capabilities.

One port pair on the V-Line module can function as a TAP pair to monitor a live network link, and the remaining ports may then be independently used for traffic output to offline monitoring tools. This mode supports optional packet slicing between 16-9216 bytes before output to the tools.

V-Line Dual Tools in Parallel

This mode allows a bidirectional flow of live network traffic to be passed through two identical Inline tools, in parallel, in an Active/Standby configuration. The throughput status of each tool is monitored independently via heartbeat packets. While heartbeat flow is present the tool is considered active and network traffic is sent to it for inspection. Only one tool is required at any one time so the second active tool is held in standby.

The inactive tool continues to be monitored by heartbeats. When heartbeat flow is restored the tool is considered active again and is held in standby.

The inactive tool continues to be monitored by heartbeats. When heartbeat flow is restored the tool is considered active again and is held in standby.

V-Line Dual Tools in Series

This mode allows a bidirectional flow of live network traffic to be passed through two different Inline tools, in series. The throughput status of each tool is monitored independently via heartbeat packets. While heartbeat flow is present the tool is considered active and network traffic is sent to it for inspection.

When heartbeat flow is blocked, due to link failure or throughput latency, the tool is considered inactive, and is bypassed. Live network traffic continues to pass uninterrupted across the other tool, and both tools continue to be monitored by heartbeats. When heartbeat flow is restored the tool is considered active again and is placed back Inline.

Egress Mode

When heartbeat flow is blocked, due to link failure or throughput latency, the tool is considered inactive, and is bypassed. Live network traffic continues to pass uninterrupted across the other tool, and both tools continue to be monitored by heartbeats. When heartbeat flow is restored the tool is considered active again and is placed back inline.

drag-n-vu-logo_white-300x143

 

  • Enables fast, error-free configuration and simplifies change management

  • A single-pane-of-glass network management system, at your fingertips

  • A sophisticated computational engine, with an intelligent and intuitive graphical interface

SHOW ME HOW

Technology Partners
  • Wireshark
  • VoipFuture
  • VCloudTech
  • RSA-1
  • Riverbed
  • Radware
  • Polystar
  • Paloalto
  • Netscout
  • McAfee
  • LogRythm
  • Imperva
  • IBM
  • HP-3
  • Fortinet
  • f5-3
  • Endace-3
  • Cisco
  • CheckPoint-e1700834140957
  • Barracuda
  • Arista