CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

May 4-6 at Taipei Nangang Exhibition Center, Hall 2

Cyber Insight

MIT Submarine and MIT Security

Zakk Wei/Senior Product Director,L7 Networks

Since L7 was founded at Hsinchu Science-Based Industrial Park in 2002, L7 focus in network security. In this field, very rare local vendors can provide security products that can fit in large core networks. Most local vendors focus on hackers, SOC, email, EDR because core network is too big and affect too many services. Products installed at core networks are not easy to be stable enough to interconnect with Cisco / Fortinet / PaloAlto.

For example, the cloud data center in Department of Internal Affairs has hundreds of services within a portal. Outside visitors need to pass (1) L7 server load balancer "InstantBalance" to be redirected to (2) L7 reverse proxy "InstantWAF" to do SSL decryption and WAF filtering, and then to dedicate virtual machines operated by internal divisions, which is also load balanced by (3) L7's virtual load balancer "InstantBalance" to reach the actual server. For outgoing traffic, internal users must pass (A) L7's forward proxy server "InstantCheck" to filter behaviors and go to (B)L7's application bandwidth manager to quarantee / limit bandwidth, and pass through (C)InstantGuard subscribed service which integrate more than 8 threat intelligence to stop zombie PCs from connection back to C&C servers. L7 boxes sit among US security products and are gradually exposed to the public, and are becoming more and more important role for the national defense line.

In above (1), (2), (3), (A), (B), (C) processes, core traffic usually reach multi-gigabit per second. 10G network interfaces are also very common. To keep the system stable with high availability and fault-tolerant hardware bypass, L7 must fast respond to the system crash when we are under attack. This is the essential ability to have in core networks. Aside from that, SSL decryption is also important to catch crime and record the trace within encrypted channels.

From L7's cyber insight, high-speed recognition of tunnelled criminal behaviors is essential, just like catching people in fever from a lot of crowd, and is a must to play the role in the national defense line.