topic Re: SDN Network Protector; user points to remote IP host instead in Software Defined Networking

SDN Network Protector; user points to remote IP host instead

lee_sa2 — Mon, 26 Oct 2015 07:35:41 GMT

Hi,

As I saw in the HP SDN Network Protector info, it would get DNS traffic by using OpenFlow switch. OpenFlow switch like 2920 can send a user entering a web site(DNS info) to Protector and examines it.

If some smart users enter a remote malicious website by using IP address instead, does Network Protector still examine for those users for that site?

Thanks,

S. Lee.

Re: SDN Network Protector; user points to remote IP host instead

ShaunWackerly — Fri, 22 Apr 2016 20:41:22 GMT

To my knowledge, the current release of Network Protector will not inspect traffic sent directly to an IP address. The Network Protector application inspects DNS packets, so if the user circumvents that process by accessing an IP address directly, Network Protector will not inspect their packets.

Other current and future solutions by HPE may provide the inspection capabilities you're looking for, but presently Network Protector does not provide that level of inspection.