Low-Cost Security Appliance Fights The 'Insider' Threat
ConSentry Networks introduces two low-cost, high-speed security appliances designed to clamp down on worms and viruses.
For many companies, the biggest security threat isn't hackers. It's an employee who worked from home or connected to the Internet at a Wi-Fi hot-spot and got infected with a worm or virus. Once they return to the office and reconnect to the company network, the malicious software runs wild, slowing performance, stealing confidential data, and forcing IT managers to spend time cleaning up the mess.
Businesses are looking for technology to protect themselves from such threats at a reasonable price. Like many managers in the financially troubled airline industry, Andre Gold, director of information security at Continental Airlines, can't shell out a lot money. But he wants to protect his company from damages like those caused by the SQL Slammer attack in 2002. "Our business must continue to run in case of any virus or worm outbreak," he says.
Gold is testing a network-appliance approach from venture-capital-backed ConSentry Networks. "I need business continuity in case our employee brings the virus in from home or someone else clicks on a Web site and brings spyware onto our network," he says. "ConSentry gives us an in-line purpose-built appliance with 10-Gbit performance at a reasonable price to monitor all our IP traffic." Silicon in the form of specialized chips built into the appliance also helps monitor traffic from multiple sources at once.
Gold looked at intrusion-prevention systems but says they weren't a good fit because they treated a small ticket office the same as a major airport. "Our sites with lots of users, like our hub and reservation systems, could be our sweet spot for deploying around 200 of these ConSentry appliances, when I have the budget to extend them," he says.
The ConSentry appliance introduced on Monday is designed to appeal to companies with tight budgets. The ConSentry CS-1000 Secure LAN Controller operates at 2 Gbps, has 10 network ports, and is priced around $18,000; the CS-2400 operates at 10 Gbps, has with 24 ports, and is priced around $28,000.
Gold likes the speed at which the security devices operate. "Bandwidth has grown and grown, but we don't see the same with network security vendors," he says. "I can't drop another security product into our 10-gig network and not create a bottleneck."
ConSentry has developed its own chips to provide the high-speed security features. The specialized chips feature 128 threads to monitor and control LAN traffic, eliminating much of the latency generated by other security devices, according to the company. A Secure LAN Controller is designed to malware in milliseconds using proprietary detection algorithms, and then act to block the spread of worms and viruses beyond their source.
"ConSentry is really different," says David Passmore, an analyst at the Burton Group research firm. "The appliance sits right in front of a network switch, monitors all the traffic, looks deep into IP, and if there's a virus, it can shut down the device that started it."
Steven Olson, infrastructure manager at the Las Vegas Review-Journal newspaper, also is testing the security appliance and says it can reduce the amount of work required by network administrators. He used to try and limit the systems that users could access, but that strategy no longer works now that workers "are allowed to access any PC in the company." The ConSentry device will let him segment IP traffic. "Besides, with static IP addresses one of my staff had to manually make changes," Olsen says. "With ConSentry, I don't think we'll worry about those manual changes anymore."
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.