Reduce IDS Deployment Risks

Organizations deploying intrusion detection systems (IDSs) across their network encounter several deployment challenges such as IDS server failures, IDS performance overloads, high deployment costs for IDS per segment and high IDS management overhead.

In some enterprises, a high percentage of traffic may be based on Secure Socket Layer (SSL) and is encrypted. Therefore, it cannot be scanned by any IDS system and could pose a security threat to enterprise resources.

Without resolving these challenges, IDS deployment can become a security risk as well as costly to implement and maintain.

---

Optimize Operations Across All IDS Servers

Transform your enterprise’s IDS servers into a unified switched-based architecture by implementing Radware’s IDS traffic management solution.

This solution decrypts SSL traffic by using the capabilities of AppXcel without session termination and redirects decrypted SSL traffic to the selected IDS servers for scanning and security policy enforcement. This solution provides the following benefits:

• Overcomes the security/performance tradeoff and ensures a highly available and customizable IDS architecture by enabling the seamless aggregation of traffic from multiple network segments into a scalable IDS server farm.
• Easily adds and redirects traffic to operational IDS servers and makes use of a highly available and fully secured IDS deployment.
• Cost-effectively manages aggregated IDS server farms, since all resources are concentrated in one location and maintenance operations are completely transparent.
• Enhances IDS performance by redirecting only relevant traffic for IDS scanning. Security redirection policies can be redefined to select which traffic will be scanned by application, source or destination addresses. This reduces both the amount of traffic to be scanned by the IDS server farm and the overall cost of the IDS system and enhances security enforcement.

Radware’s IDS traffic management solution eliminates the security/performance tradeoff for IDS deployments, letting you aggregate traffic to your IDS servers while optimizing, scaling and reducing OPEX on your IDS deployment.