Nevis Networks today becomes the latest entrant in a fast-growing field of companies delivering plug-in appliances for enterprise network security.
Unlike firewalls or virtual private networks, the new silicon-based security boxes are designed to fit into enterprise networks without much administrative disturbance, and then use advanced processors and in some cases proprietary silicon to provide wire-speed protection against worms, hackers and even unacceptable network use patterns as determined by enterprise administrators.
Nevis's LANenforcer family of appliances for both small and large networks are part of this growing field of products, with custom-designed ASICs that Nevis claims can offer responses to security threats measured in microseconds. Scheduled to be available in the first quarter of 2006, Nevis' appliances start at $12,995 for smaller networks of 25-100 clients and $34,995 for larger-enterprise versions supporting from 250 to 1,000 clients per box.
What makes the newer security appliances most different from historic security products are their internal focus; instead of simply trying to seal off unwanted traffic like a traditional firewall, the new appliances aim to consider and contain threats and problem usage inside corporate LANs, which have become more vulnerable with the advent of new technologies like wireless access points as well as the business expansion of the LAN's definition, which can now include a wide range of customers, contractors and guests who all may need legitimate access to the corporate network.
Like earlier entrants in this field, including ConSentry Networks, Nevis said its appliance will help corporations more quickly assess and contain a wide range of threats, including known worms and viruses, while also providing firewall-type protection as well as detection of suspicious network use patterns.
According to Dominic Wilde, Nevis's director of product management, the LANenforcer boxes deliver a small software agent at runtime to clients trying to access the network, which "pats down" each user, determining if it has the proper clearance and configurations necessary for secure access. If the replies are negative, the LANenforcers can quarantine users at speeds as fast as 150 microseconds, Wilde said, to prevent the rapid dissemination of network infections.
Such a dynamic-access system, Wilde said, is much easier to deploy than current secure setups such as VPNs, which often require networking administrator assistance to change or move a user's location.
"Provisioning [users] becomes an HR task again," Wilde said. Like other entrants in the field, Nevis's boxes also provide a traceable audit trail of network events, no small attribute in an era where Sarbanes-Oxley compliance has contributed mightily to the enterprise network administrator's to-do list.
Wilde said Nevis plans to sell directly to corporate users, and is targeting several vertical markets, such as financial services, for its primary customers. The company said it has raised nearly $33 million in venture funding, in cluding a $12.5 million round this past summer that inlcuded Silicon Valley heavyweight New Enterprise Associates.