Cybersecurity: FireEye Advanced Threat Protection - F5 Company


In the new world of technology, the use of SSL is growing. With this growth, cryptographic protocols are becoming more complex, with longer key lengths, while malicious payloads are being encrypted with SSL. These trends not only create the need for SSL inspection, but also place an ever-growing load on ATP systems. A solution is needed to offload SSL processing, freeing the ATP systems to focus entirely on detecting malicious content.

Like all computing equipment, ATP systems can fail, occasionally blocking traffic. Critical sites must maintain high availability in case of a sensor failure. Horizontal scaling allows for ease of growth and flexibility. Ideally, a solution would intelligently balance the load across multiple ATP systems, allowing the site to stay available when a sensor failure or overload occurs.

Moreover, such a configuration would allow administrators to add or remove sensors without affecting site availability. This flexibility ensures the ability to scale without interruption.
Ideally, a network would be able to identify and steer traffic intelligently either through the ATP systems or around them. The same traffic steering should avoid decrypting SSL for sensitive sites, such as online banking websites.

Fig 1.1 - FireEye Advanced Threat Protection with ADC

This design enables the ATP devices to operate at their maximum capacity without compromising traffic throughput. Key management is consolidated at the outer ADC, freeing the ATP pool from having to perform any SSL functionality while still having full visibility into the traffic.

Traffic steering allows uninteresting traffic to bypass the ATP pool, increasing the pool's effective capacity. The hairpin enables traffic to continue to flow, even in the case of slowdown or failure of all ATP sensors. The architecture protects traffic to the fullest while minimizing bottlenecks.

Note: ADC stands for Application Delivery Controller

The ADC near the perimeter (left) performs the following:
  • Decrypts incoming SSL traffic for delivery to the ATP pool
  • Encrypts outgoing SSL traffic that was delivered through the ATP pool
  • Implements load balancing on the ATP pool to ensure high availability
  • Enables a pool bypass when all of the members are down
  • Steers suitable traffic around the ATP pool without decrypting it, reducing load on ATP devices

The ADC inside the ATP pool (right) performs a similar set of functions:
  • Decrypts outgoing SSL traffic for delivery to the ATP pool
  • Encrypts incoming SSL traffic that was passed through the ATP pool
  • Implements load balancing on the ATP pool to ensure high availability
  • Allows a “hairpin” whereby the pool is bypassed when all of the members are down
  • Steers appropriate traffic around the ATP pool without decrypting it, reducing load on ATP devices
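
The steering decisions listed above can be modelled in a few lines. This is an added example, not F5 or FireEye code or configuration: the class names, the SNI no-decrypt list, the per-sensor flow limit and the least-loaded selection rule are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from fnmatch import fnmatchcase

# Constructed policy: SNI patterns that are never decrypted (assumption).
NO_DECRYPT_SNI = ["*.bank.example", "payments.example"]

@dataclass
class Sensor:
    name: str
    healthy: bool = True
    active_flows: int = 0
    max_flows: int = 2  # constructed capacity limit, stands in for "overload"

    def available(self) -> bool:
        return self.healthy and self.active_flows < self.max_flows

@dataclass
class Adc:
    pool: list
    log: list = field(default_factory=list)

    def steer(self, sni: str) -> tuple:
        """Return (action, sensor_name) for a new SSL flow identified by its SNI."""
        # 1. Sensitive destinations go around the pool and stay encrypted.
        if any(fnmatchcase(sni.lower(), pat) for pat in NO_DECRYPT_SNI):
            decision = ("bypass_encrypted", None)
        else:
            candidates = [s for s in self.pool if s.available()]
            if not candidates:
                # 2. Hairpin: no usable sensor, so the flow continues
                #    uninspected instead of being blocked.
                decision = ("hairpin_uninspected", None)
            else:
                # 3. Decrypt once at the ADC and hand cleartext to the
                #    least-loaded available sensor.
                target = min(candidates, key=lambda s: s.active_flows)
                target.active_flows += 1
                decision = ("decrypt_and_inspect", target.name)
        self.log.append((sni, *decision))
        return decision

def hairpin_events(adc: Adc) -> list:
    """Flows that skipped inspection because the whole pool was unavailable."""
    return [e for e in adc.log if e[1] == "hairpin_uninspected"]
```

The hairpin keeps the site available at the cost of inspection, so the flows returned by `hairpin_events` are the ones a monitoring team would want surfaced whenever the pool is down.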