NetOptics

See the newest features on iBypass HD here >

The Net Optics iBypass HD is the highest density bypass switch available for in-line network security appliances, such as intrusion prevention systems (IPSs), Web application optimization devices, and firewalls. The first of its kind, it supports two to eight segments, with each segment operating independently to ensure link protection. Single-segment and multi-segment IPS appliances can be connected, maintained, and removed without affecting traffic through the links or the operation of the other segments. In addition, pairs of bypass switches can be linked in a high-availability (HA) configuration supporting both tool and link redundancy.
 

Fail-open Link Fault Protection

Exclusive Net Optics Link Fault Detect, Bypass Detect, and Heartbeat features enable an iBypass HD switch, IPS appliance, and connected switches and routers to share state information. Configurable Heartbeat packets are sent from the iBypass HD switch trough the IPS in both directions to monitor the health of the IPS. When a fault condition is detected, the IPS loses power or is redeployed, or IPS software malfunctions, traffic is automatically routed using FastPath switching technology directly through the iBypass Switch rather than through the in-line appliance, keeping the network traffic flowing.
 

Modular Design
The iBypass HD chassis accepts four hot-pluggable Dual Bypass Modules (DBMs). Each DBM provides two independent bypass switches, which can also be configured as an HA failover pair. Different DBM models support 10/100/1000 copper, singlemode fiber, and multimode fiber media. The fiber DNMs have SFP-based monitoring interfaces, so that any type of tool can be supported. The chassis can be populated with any mix of DBM types to suit the monitoring environment. Each bypass switch can also be configured as a network Tap, further increasing deployment flexibility.
 

High Availability
High availability configurations enable the iBypass HD to support monitoring environments that use tool redundancy, link redundancy, or both.

When a DBMs bypass switch pair is configured for tool redundancy, one network link and two IPSs are attached to the DBM. Traffic normally flows through the primary IPS, but if the primary IPS fails, traffic is routed through the backup IPS.

When a DBMs bypass switch pair is configured for link redundancy, two network links and one IPS are attached to the DBM. Traffic on the primary link normally flows through the IPS (and traffic flows directly through the backup link), but if the primary link goes down, traffic from the backup link is routed through the IPS.

Tool and link redundancy can operate simultaneously, with two network links and two IPSs attached to the DBM. If the primary IPS fails, the secondary IPS is switched in; and if the primary link goes down, the backup link is routed through the active IPS.

Fail Open Fail Closed
When the iBypass HD detects an IPS failure, it switches to Bypass On mode, where the network link is open to traffic flow without going through the IPS. This behavior is known as Fail Open mode. Fail Closed mode is also available. If the bypass switch is configured for Fail Closed mode and an IPS failure is detected, the network ports are downed, blocking traffic flow and enabling attached switches and routers to take corrective action such as switching traffic to an alternate data path.

Dual Power Supplies
iBypass HD has two independent power supplies that provide fault tolerance: If one power supply loses power, the unit continues operating on the remaining supply. The power supply modules are hot-swappable, so your monitoring capability is not interrupted if a power supply needs replacement. Both universal AC and -48VDC (telco) models are available.

Easy Configuration
Packed with functionality, iBypass HD  is a network device that plugs and plays as easily as the rest of the Net Optics Tap products. Its command-line interface (CLI) enables any iBypass HD  parameters to be checked or changed with a few keystrokes. The management interface is password-protected and accessed through a secure, dedicated management port. The CLI is also available through a local RS-232 serial port. iBypass HD supports RADIUS and TACACS+ authentication and authorization for easy integration in enterprise networks. SNMP support and GUI management tools are coming soon.

Security and Reliability
iBypass HD  handles network traffic entirely in hardware, so data flowing through iBypass HD's in-line links can never be hacked or compromised. Configuration variables can be changed only through the device's management port.

iBypass HD maintains its configuration even when power is offline. When iBypass HD is powered off, traffic flows continue between the device's in-line network ports, maximizing network uptime.

Doing Our Part
Net Optics is dedicated to ensuring user safety, and to developing products that are environmentally friendly. iBypass HD adheres to UL and CE safety certifications; FCC, VCCI, and C-Tick EMC certifications; as well as RoHS and WEEE environmental certifications.