SecureStack

Optimized handling for secure traffic

SecureStack

See How We Stack Up!

Keysight offers an extensive set of visibility intelligence feature stacks so you can get the most out of your visibility and security platform – our capabilities allow filtering based on L2 through L7. Moreover, we provide industry-specific, specialized capabilities. Each stack of features is executed with a purpose-built design to ensure you get the best performance whether in a physical data-center or a private, hybrid or public cloud.

Find Your Platform

SecureStack Features

Threat Insights

Threat Intelligence

Today's organizations are under cyberattack. Malware can find its way into an organization in a multitude of ways including email, clicking on malicious links, mobile devices, USBs used by employees, as well as physical intrusions into a network. Cyber Security Ventures reported that ransomware will attack a business every 14 seconds by the end of 2019.

With our threat insights feature, you will be able to:

  • Recognize malware, botnet, exploits, hijacked IPs and phishing activity with your Vision ONE, Vision XVision 7300, or CloudLens
  • Send threat information automatically via NetFlow to existing security appliances

Threat intelligence from our Application and Threat Intelligence (ATI) Research Center, also used in Keysight's ThreatARMOR, provide what you need to secure your network without requiring any additional threat intelligence feed. You can ensure the security of your network by easily:

  • Detecting IoT attacks
  • Tagging suspicious or rogue applications and monitoring them for unusual activity
  • Tracking traffic to or from unauthorized geographies
  • Tracking questionable file transfers and brute-force attacks

Active SSL

Inline Decryption

Decryption and Encryption with Ephemeral Key and TLS 1.3 Support

Encrypted traffic is a dual-edged sword, where the protection it provides can be manipulated by hackers to inject malware and other threats into a network. As most traffic becomes encrypted and with ephemeral key on its way to becoming the dominant technology, organizations need a way to retain the benefits of TLS 1.3 standards, while being able to inspect traffic for threats and malware to protect their networks and users.

Keysight's Inline Decryption capability enables organizations to see inside traffic that uses ephemeral key cryptography through its visibility platform. With our Inline Decryption you can:

  • Decrypt once and scale monitoring infrastructure. Offloading TLS decryption will optimize security and monitoring tool performance.
  • Deploy inline, out-of-band (OOB), and simultaneous inline and OOB tool configurations for the ultimate flexibility
  • See into both outbound and inbound traffic to inspect downloads and detect server attacks
  • Achieve limitless visibility when used with our NetStack, PacketStack and AppStack capabilities

Inline Decryption is available via separate high-performance application modules that are compatible with Vision ONE™ and Vision X™.

  • Inline Decryption employs a dedicated cryptographic processor, to provide the best throughput integrated with a visibility solution
  • Throughput options on the Vision ONE include 1G, 2G, 4G or 10G (license per module). Upgrades via licensing.
  • Throughput options on the Vision X include up to 25G decryption per CPU on the Application Module.
  • Includes built-in policy management, URL categorization, and real-time insight through reporting
  • Supports all leading ciphers including TLS 1.3 (current draft)

Learn more about our Inline Decryption capability and the Vision ONE and Vision X platforms:

SSL Decryption

Out-of-Band Decryption

Data encryption helps make information secure, but unfortunately, it can also be used by hackers to inject malware, viruses and other risky content into encrypted traffic and traverse your network without being detected. Get greater visibility by decrypting traffic to detect such malware, prevent data loss, monitor applications and more. We can help you offload the SSL/TLS decryption work and remove your network performance bottleneck.

  • Get visibility to encrypted sessions without compromising security with role-based access controls and bidirectional decryption capability
  • Handle 10 million concurrent sessions with up to 8Gbps throughput within AppStack on the Vision ONE and Vision 7300.
  • Support encryption ciphers and key sizes: 3DES, RC4, AES, SHA1/521/384/256/224, MD5, ECC (Elliptic Curve), RSA and Diffie-Hellman Key Exchange
  • No impact on application identification and filtering performance
  • Can work simultaneously with NetFlow generation, data masking, PCAP, and application forwarding

Data Masking +

Data Masking +

With personally identifiable information traversing the network, security is key to keeping your consumers and your organization safe. Data masking + helps you meet compliance regulations by securely masking sensitive data on your network such as credit card and social security numbers.

Data masking + allows you to:

  • Use pre-defined patterns to mask major credit cards, social security numbers, and email addresses
  • Use a configurable offset with any number of bytes to mask a specific place in a packet
  • Reduce false positives with built-in credit card number validation using the Luhn algorithm
  • Achieve Payment Card Industry Data Security Standard (PCE-DSS), HIPAA, and other regulatory compliance

Threat Intelligence Overview

Recognize malware, botnet, exploits, hijacked IPS and phishing activity with threat intelligence on your Vision ONE, Vision XVision 7300, and CloudLens systems.

Be More Secure

Stack On:

Security focused intelligence that gives you better visibility to Transport Layer Security (TLS) / Secure Sockets Layer (SSL) encrypted traffic with the greatest keys and ciphers supported.

Featured Resources

Data Sheets 2020.09.04

SecureStack

SecureStack

Ixia's SecureStack capabilities, available on Vision packet brokers, offer a way to increase security through your visibility platform. Better secure your network with visibility into encrypted traffic with the greatest keys and ciphers supported for your Transport Layer Security (TLS) and Secure Sockets Layer (SSL). Decrypt data and see the threat insights feed about issues on your network, so you can take action. Protect PCI by masking sensitive data on your network to ensure compliance without specialized appliances.

2020.09.04

Data Sheets 2020.10.05

AppStack

AppStack

Keysight Visibility AppStack Data Sheet

2020.10.05

Data Sheets 2020.09.25

Vision ONE Security Without Sacrifice

Vision ONE Security Without Sacrifice

Vision ONE acts as the first step to security, providing reliable inline connectivity for security tools such as intrusion prevention systems (IPS), data loss prevention (DLP), and Web firewalls. Download the datasheet to read additional details on the key features.

2020.09.25

Data Sheets 2020.08.29

Vision X Network Packet Broker

Vision X Network Packet Broker

Ixia’s new Vision X network packet broker is the next-generation network visibility solution. In only three rack units, Vision X is a high-density, high-performance product. Its modular chassis can be upgraded to meet your network needs now and in the future.

2020.08.29

White Papers 2020.05.26

Inspecting SSL Traffic: Achieving the Right Balance of Visibility and Security

Inspecting SSL Traffic: Achieving the Right Balance of Visibility and Security

A delicate balancing act is taking place on networks globally. It is the balance between applying strong protective measures to keep data safe and unintentionally concealing new IT security vulnerabilities. And it all centers on SSL (Secure Socket Layer) encryption. Just as SSL encryption protects certain details of a transaction, it can also conceal and protect malicious cyberthreats. This means it is essential for organizations to decrypt and inspect SSL traffic, to be sure it is not being used to propagate malware. This paper describes the current state of SSL traffic inspection and how organizations can gain full visibility into what is happening in their networks and mission-critical applications. What You’ll Learn:- What is SSL encryption, and why should organizations take it more seriously?- Why is network visibility so essential is this context?- What are the most tangible threats, and threat indicators?- What performance problems exist for firewalls, antivirus, antibot and application monitoring tools?

2020.05.26

White Papers 2020.05.25

Best Practices For Monitoring Encrypted Data

Best Practices For Monitoring Encrypted Data

Once used to increase the security of Internet traffic, encryption has actually made the work more difficult. Many firewalls and other security tools do not understand encrypted traffic and many organizations have chosen to pass encrypted traffic into their networks without security inspection, just to keep communications flowing. Unfortunately this creates blind spots in network visibility – areas where the organization is unaware of the traffic moving inside and exiting the network.

2020.05.25

Solution Briefs 2018.10.08

SecureStack- Optimized Handling of Secure Traffic

SecureStack- Optimized Handling of Secure Traffic

Read the feature brief to discover how SecureStack adds another layer of security to your system without adding a dedicated tool.

2018.10.08

Solution Briefs 2020.02.26

Security: In an Encrypted World

Security: In an Encrypted World

The challenge for IT security and operations professionals is how to balance the need for data protection and security.

2020.02.26

Reports 2018.08.09

Security Report 2017

Security Report 2017

We analyze the impacts of these new trends including examinations of the shifting environment of network security, how security reach is expanding, new threats, and new areas of vulnerability.

2018.08.09

Related Products

Want help or have questions?