IT World Canada

NetScreen offers the works with all-in-one security box

NetScreen Technologies Inc. is planning a new product line that will include firewall, VPN and intrusion-prevention software in a single box, giving customers a way to beef up security without adding multiple devices to their networks.

Within 18 months, the company says it will ship the combination gear, which hasn’t been named yet, on a new hardware appliance custom-made to handle the heavy processing and storage load imposed by the security applications. The company also will upgrade its NetScreen-Global management software so it can set intrusion-prevention policies.

The new hardware platform will let the gear perform its combined functions at wire speed, NetScreen says.

Several competitors, such as TippingPoint Technologies Inc., CrossBeam Systems Inc. and CloudShield Inc., are working on high-speed hardware to perform security functions in a similar fashion, says John Pescatore, research director for network security at Gartner. But, he says, NetScreen has a considerable number of customers already by virtue of its high-speed firewall/VPN equipment based on custom chips.

Placing intrusion prevention and firewalling in the same equipment makes sense because it centralizes security policies, says Stephen Gill, a technical analyst with Greenwich Technology Partners, which uses NetScreen VPN/firewall equipment. “You are examining every packet at the firewall as it crosses your network anyway, so you might as well do intrusion detection at the same time,” he says.

To work at gigabit speeds the device requires custom processors such as NetScreen’s, Pescatore says. “You have to do this type of deep packet inspection in hardware,” he says.

NetScreen is obtaining intrusion-protection technology from OneSecure Inc., maker of Intrusion Detection and Prevention (IDP) system software that it sells on PC hardware appliances. NetScreen is buying OneSecure for US$40.3 million in stock sometime next month, and NetScreen will start selling IDP then with a NetScreen label.

By the middle of next year, the company expects to boost the speed of the gear to 1Gbps so the device won’t become a bottleneck in gigabit Ethernet networks.

But because part of what IDP does requires extensive storage capabilities, fully integrating IDP with NetScreen’s firewall and VPN software demands a hardware platform with more memory. NetScreen says that platform and full IDP integration will be ready within 18 months.

Pescatore recommends against using these devices for remote-access VPN connections where individual PCs access a VPN gateway via the Internet. The high number of remote-access connections makes setting up the security parameters too complex to be practical. However, the equipment is well-suited for site-to-site VPNs because fewer individual VPN connections are involved, he says.

OneSecure says its software streamlines inspecting packets for telltale intrusion signatures, which are the patterns in traffic that indicate the packet might be malicious. Some intrusion-detection systems look for signatures in all packets, regardless of whether these packets might cause harm.

OneSecure says Sendmail Wiz Attacks that flood Simple Mail Transfer Protocol (SMTP) servers have their own signatures that can be identified by parsing every packet. But to avoid harm, only the control-session packets of the connections need to be analyzed and, if the signature is found, blocked.
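The selective inspection described above can be sketched as a small stateful SMTP inspector. This is an added example, not OneSecure or NetScreen code; the signature (a client command line beginning with `WIZ`), the function names and the sample sessions are assumptions constructed for illustration.

```python
import re

# Assumed signature: the legacy Sendmail "WIZ" command sent on the SMTP
# control channel. A real IDP signature set is not shown on the page.
WIZ_SIGNATURE = re.compile(rb"^\s*WIZ\b", re.IGNORECASE)

def inspect_smtp_client_stream(lines):
    """Match the signature only on control-session (command) lines.

    Returns (alerts, lines_inspected). Simplification: only the client side
    is seen, so DATA is assumed to be accepted by the server (354 reply).
    """
    in_data = False
    alerts = []
    inspected = 0
    for lineno, line in enumerate(lines, 1):
        if in_data:
            # Message body: skipped until the lone "." that ends DATA.
            if line.rstrip(b"\r\n") == b".":
                in_data = False
            continue
        inspected += 1
        if WIZ_SIGNATURE.match(line):
            alerts.append((lineno, line.strip().decode("ascii", "replace")))
        elif line.strip().upper() == b"DATA":
            in_data = True
    return alerts, inspected

def naive_scan(lines):
    """Baseline: apply the signature to every line, message body included."""
    return [n for n, l in enumerate(lines, 1) if WIZ_SIGNATURE.match(l)]

# Constructed sample sessions (client-to-server lines only).
BENIGN = [
    b"HELO client.example\r\n", b"MAIL FROM:<a@example.com>\r\n",
    b"RCPT TO:<b@example.com>\r\n", b"DATA\r\n", b"Subject: notes\r\n",
    b"\r\n", b"wiz kids meet at noon\r\n", b".\r\n", b"QUIT\r\n",
]
SUSPECT = [b"HELO client.example\r\n", b"WIZ\r\n", b"QUIT\r\n"]

if __name__ == "__main__":
    print("naive, benign:   ", naive_scan(BENIGN))
    print("stateful, benign:", inspect_smtp_client_stream(BENIGN))
    print("stateful, suspect:", inspect_smtp_client_stream(SUSPECT))
```

On the benign session the stateful inspector examines five of nine lines and raises no alert, while the every-line scan flags harmless body text.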

Pricing will be set when the new boxes are announced. NetScreen is at – you guessed it – www.netscreen.com.
