A new enterprise security appliance to be unveiled Monday by startup NetContinuum Inc. targets a variety of security threats delivered via Web traffic and is being marketed to the growing number of companies offering Web-based services and applications.
The new device, called the NC-1000, will sell for US$28,000 for a 10/100Mbps model and US$38,000 for a 1Gbps model. This is the first release from the venture-funded Santa Clara, Calif., company.
The NC-1000 is designed to compensate for a weakness in traditional network firewall technology, namely, the tendency of most firewalls to pass on, but not inspect, Web traffic on port 80. That shortcoming leaves many companies vulnerable to attacks hidden in that Web traffic, including scripting, cookie and URL-based threats.
Currently, most companies offering Web services either ignore the problem of port 80-based attacks altogether, focus on patching and securing individual application servers against attack, or refrain from exposing sensitive information and transactions in any form, according to analyst Pete Lindstrom of The Spire Group.
NetContinuum’s new rack-mounted appliance is designed to be deployed directly behind a firewall, intercepting all Web traffic passing through port 80. The device acts as a terminus for all incoming Web sessions, capturing Web traffic and then performing packet inspections on it, including inspections of header and URL information, which is often used to hide attack code or illegal commands.
After completing its inspections, the NC-1000 establishes its own secure connection to application servers within the data centre, passing the traffic along at wirespeed, according to NetContinuum.
The device effectively encrypts all Web site content using SSL and offers ‘cloaking’ technology that hides information about Web applications from Web site scanning tools, according to information provided by NetContinuum.
To handle the high volume of traffic inspection and encryption, the NC-1000 uses an application-specific integrated circuit (ASIC) containing 48 multithreaded CPUs and over 60 million transistors. The ASIC is capable of supporting over one million concurrent connections and 6,000 SSL (Secure Sockets Layer) transactions per second, according to NetContinuum.
The product is being marketed to medium-size and large enterprises that are offering Web-based services to customers or deploying Web-based applications to employees or business partners.
The NC-1000 marks a new approach to security, according to Lindstrom, and might be attractive to companies that are looking for a way to protect their corporate resources from Web-based traffic, but are wary of sacrificing performance.
“NetContinuum is taking kind of a horizontal spin, combining the capabilities of an SSL accelerator, a firewall and pieces of Web access control into a proprietary ASIC on a perimeter appliance,” Lindstrom said.
The new device helps address what Lindstrom calls the “back and forth” between IT administrators’ concern about security and their need for high performance.
“NetContinuum hits the pain points that are most evident: they use SSL to enable more transactions, they offer good processing performance and they protect against prevalent port 80 attacks.”
In the rapidly evolving market for security appliances, however, Lindstrom said that it is still unclear what technology will be embraced by fickle corporate customers.
“This is where most perimeter activity is converging,” Lindstrom said. “But it’s not clear now how or where we’ll go. There are lots of security devices out there securing different applications.”
Lindstrom said that NetContinuum, with 120 employees, will need to continue to deploy new features on the NC-1000 to keep up with ever-evolving threats from the hacker community, while staving off competition from established firewall and security appliance vendors in order to survive.