Low-Cost Security Appliance Fights The 'Insider' Threat
ConSentry Networks introduces two low-cost, high-speed security appliances designed to clamp down on worms and viruses.
For many companies, the biggest security threat isn't hackers. It's an employee who worked from home or connected to the Internet at a Wi-Fi hot-spot and got infected with a worm or virus. Once they return to the office and reconnect to the company network, the malicious software runs wild, slowing performance, stealing confidential data, and forcing IT managers to spend time cleaning up the mess.
Businesses are looking for technology to protect themselves from such threats at a reasonable price. Like many managers in the financially troubled airline industry, Andre Gold, director of information security at Continental Airlines, can't shell out a lot money. But he wants to protect his company from damages like those caused by the SQL Slammer attack in 2002. "Our business must continue to run in case of any virus or worm outbreak," he says.
Gold is testing a network-appliance approach from venture-capital-backed ConSentry Networks. "I need business continuity in case our employee brings the virus in from home or someone else clicks on a Web site and brings spyware onto our network," he says. "ConSentry gives us an in-line purpose-built appliance with 10-Gbit performance at a reasonable price to monitor all our IP traffic." Silicon in the form of specialized chips built into the appliance also helps monitor traffic from multiple sources at once.
Gold looked at intrusion-prevention systems but says they weren't a good fit because they treated a small ticket office the same as a major airport. "Our sites with lots of users, like our hub and reservation systems, could be our sweet spot for deploying around 200 of these ConSentry appliances, when I have the budget to extend them," he says.
The ConSentry appliance introduced on Monday is designed to appeal to companies with tight budgets. The ConSentry CS-1000 Secure LAN Controller operates at 2 Gbps, has 10 network ports, and is priced around $18,000; the CS-2400 operates at 10 Gbps, has with 24 ports, and is priced around $28,000.
Gold likes the speed at which the security devices operate. "Bandwidth has grown and grown, but we don't see the same with network security vendors," he says. "I can't drop another security product into our 10-gig network and not create a bottleneck."
ConSentry has developed its own chips to provide the high-speed security features. The specialized chips feature 128 threads to monitor and control LAN traffic, eliminating much of the latency generated by other security devices, according to the company. A Secure LAN Controller is designed to malware in milliseconds using proprietary detection algorithms, and then act to block the spread of worms and viruses beyond their source.
"ConSentry is really different," says David Passmore, an analyst at the Burton Group research firm. "The appliance sits right in front of a network switch, monitors all the traffic, looks deep into IP, and if there's a virus, it can shut down the device that started it."
Steven Olson, infrastructure manager at the Las Vegas Review-Journal newspaper, also is testing the security appliance and says it can reduce the amount of work required by network administrators. He used to try and limit the systems that users could access, but that strategy no longer works now that workers "are allowed to access any PC in the company." The ConSentry device will let him segment IP traffic. "Besides, with static IP addresses one of my staff had to manually make changes," Olsen says. "With ConSentry, I don't think we'll worry about those manual changes anymore."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.