Low-Cost Security Appliance Fights The 'Insider' Threat - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure

Low-Cost Security Appliance Fights The 'Insider' Threat

ConSentry Networks introduces two low-cost, high-speed security appliances designed to clamp down on worms and viruses.

For many companies, the biggest security threat isn't hackers. It's an employee who worked from home or connected to the Internet at a Wi-Fi hot-spot and got infected with a worm or virus. Once they return to the office and reconnect to the company network, the malicious software runs wild, slowing performance, stealing confidential data, and forcing IT managers to spend time cleaning up the mess.

Businesses are looking for technology to protect themselves from such threats at a reasonable price. Like many managers in the financially troubled airline industry, Andre Gold, director of information security at Continental Airlines, can't shell out a lot money. But he wants to protect his company from damages like those caused by the SQL Slammer attack in 2002. "Our business must continue to run in case of any virus or worm outbreak," he says.

Gold is testing a network-appliance approach from venture-capital-backed ConSentry Networks. "I need business continuity in case our employee brings the virus in from home or someone else clicks on a Web site and brings spyware onto our network," he says. "ConSentry gives us an in-line purpose-built appliance with 10-Gbit performance at a reasonable price to monitor all our IP traffic." Silicon in the form of specialized chips built into the appliance also helps monitor traffic from multiple sources at once.

Gold looked at intrusion-prevention systems but says they weren't a good fit because they treated a small ticket office the same as a major airport. "Our sites with lots of users, like our hub and reservation systems, could be our sweet spot for deploying around 200 of these ConSentry appliances, when I have the budget to extend them," he says.

The ConSentry appliance introduced on Monday is designed to appeal to companies with tight budgets. The ConSentry CS-1000 Secure LAN Controller operates at 2 Gbps, has 10 network ports, and is priced around $18,000; the CS-2400 operates at 10 Gbps, has with 24 ports, and is priced around $28,000.

Gold likes the speed at which the security devices operate. "Bandwidth has grown and grown, but we don't see the same with network security vendors," he says. "I can't drop another security product into our 10-gig network and not create a bottleneck."

ConSentry has developed its own chips to provide the high-speed security features. The specialized chips feature 128 threads to monitor and control LAN traffic, eliminating much of the latency generated by other security devices, according to the company. A Secure LAN Controller is designed to malware in milliseconds using proprietary detection algorithms, and then act to block the spread of worms and viruses beyond their source.

"ConSentry is really different," says David Passmore, an analyst at the Burton Group research firm. "The appliance sits right in front of a network switch, monitors all the traffic, looks deep into IP, and if there's a virus, it can shut down the device that started it."

Steven Olson, infrastructure manager at the Las Vegas Review-Journal newspaper, also is testing the security appliance and says it can reduce the amount of work required by network administrators. He used to try and limit the systems that users could access, but that strategy no longer works now that workers "are allowed to access any PC in the company." The ConSentry device will let him segment IP traffic. "Besides, with static IP addresses one of my staff had to manually make changes," Olsen says. "With ConSentry, I don't think we'll worry about those manual changes anymore."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll