Keysight ThreatARMOR

Solve your security problems proactively.
Stop Malware, Ransomware, Phishing, Botnets, Exploits, and Hijacks, BEFORE they even hit your infrastructure.
Keysight’s ThreatARMOR leverages up-to-the-minute, Advanced Threat Intelligence, managed by experts at Keysight’s ATI Research Center, in a hardware chassis you can set up and deploy in less than an hour.
Learn More about ThreatARMOR.

In fact, why not evaluate right where you are? We bring ThreatARMOR to you and demonstrate its benefits onsite, in your network. Deployment is safe, secure…and effective!

Perimeter Security Infrastructure – Inline Visibility Solutions

SPS’s perimeter security infrastructure solutions use Keysight Business hardware and technology to provide easy and cost-efficient methods to protect your enterprise network from disruptions, while also providing a resilient security posture. Our solutions maintain service levels even during traffic congestion, unexpected software or hardware failures, or expected maintenance downtime.
We deploy and configure your Network Packet Broker(s) to aggregate, filter and load balance traffic from multiple links to Security Tools, according to your Security Policy and existing tool capacity.

We deploy and configure your Network Packet Broker(s) to aggregate, filter and load balance traffic from multiple links to Security Tools, according to your Security Policy and existing tool capacity

Our deployments maintain network reliability and security resilience during tool maintenance, troubleshooting, additional tool testing and deployment, or tool decommissioning, allowing you to save on capex by deploying the appropriate number of different types of best-of-breed security devices.


We deploy, and configure your independent, operationally separate bypass switch (also sometimes referred to as a special type of network TAP), to avoid network outage or to protect your network by preventing uninspected traffic on network links. Easily add network segments or accommodate increased link speeds.

Our HA Security solution eliminates single points of failure in the security fabric, with security resilience and failover in high-volume environments.
Resilient security becomes as reliable as the network is supports.


 
 

We help you implement the most efficient network perimeter security architecture, whether you require visibility options for monitoring and forensic tools, inline inspection of live network traffic, or High Availability Security resilience.
Combining external bypass switch and Network Packet Broker technologies means security appliances no longer deploy directly inline on live network links. Network operations and security projects, such as scaling and increasing security tool capacity, are decoupled. Security operations gains independent control of traffic monitoring or live packet inspection and protection afforded by security tools, decreasing or eliminating adverse effects on network uptime.

We implement active SSL Decryption at a single point, using third-party decryption tools, optimizing the decryption process for other security tools requiring visibility into secure packets, reducing costs, latency and maintenance hassles.

We are experts in configuring both iBypass and Vision NPB heartbeats (built-in/pre-defined or customizable) for processing through complex security service chains, to provide automatic detection, failover and recovery of both NPB and tools (Link State detection and recovery are also in effect in the security architecture).

We are experts at evaluating your overall visibility strategy on Day 2. We can demonstrate reduced risk of future operational expenditures, examine your network to ensure security policy per specified traffic flows and endpoints, and identify visibility risks found in enterprise network traffic. We’ll also show you the ease with which traffic designated for inspection or monitoring can be quickly changed.
Decouple Network and Security Projects:
Our solution architecture bridges the gap between the roles and responsibilities of enterprise network managers and security operations staff. Network changes and Security upgrades be planned independently and deployed with minimal risk of interference.


 

The Graphical User Interfaces and CLI allow easy configuration, with real-time packet and utilization counters for both ports and filters, packet capture functionality, and SNMP Agent/Traps and Syslog feed configuration.

Our solutions automatically identify, isolate and remove network or security problems from the production environment during resolution. Problem locations and magnitude can be easily pinpointed.
Because visibility devices do not participate in routing (they are a “bump in the wire”), they do not add complexity to network troubleshooting.

We will document your visibility scheme and security fabric to demonstrate:

  • Efficiencies and reduced costs our solutions bring to ongoing security strategies
  • Incremental build-out to scale security inspection tools to meet traffic capacity
  • The means to accomplish increased security absent any requirement for network redesign

We also demonstrate and document ongoing operational procedures for Security Operations personnel.

Security Partners

SPS can help you deploy the best security fabric architecture to provide the most efficient network visibility to your existing security infrastructure, enhancing the performance of security tools and partner solutions you may already have in place.


Security Partners Common Inline/Active Inspection Tools:

We Help Make Inline/Active Inspection Tools Like These Perform Better:

IPS (Intrusion Prevention System):
For example: Cisco (SourceFire) NGIPS

Malware Protection:
For example: FireEye

Decryption:
For example: Symantec (BlueCoat) SSLv

Web Application Firewall (WAF):
For example: Imperva

DDOS (Distributed Denial of Service):
For Example: Radware

Keysight Products:

We Are Experts at Implementing These Keysight Devices:
Vision E40 
Max 48 ports of 1/10GE | Max 6 ports of 40GE
Vision E100
Max 32 ports of 40/100GE | Max 128 ports of 10/25GE | Max 64 ports of 50GE
Vision ONETM
Max 64 10G ports / Max 4 40G ports;
Built-in application layer filtering and threat intelligence
Vision xStream 40
Filters and load balances 10GE/40GE networks
Vision xStream 10
Filters and load balances 1GE/10GE networks
Bypass Switches:
iBypass VHD, iBypass DUO, iBypass 40G, iBypass HD, iBypass 3 Copper
TAPs:
Copper or Fiber, 100% passive, simple link traffic aggregation, regen (multiple copies)

Security Partners Common OOB/Passive Monitoring Tools:

We Help Make OOB/Passive Monitoring Tools Like These Perform Better:
IDS (Intrusion Detection System)
DLP (Data Loss Prevention)
RSA NetWitness