Dawn of intrusion-detection appliances
- By John K. Waters
Sun Microsystems and Symantec have developed an intrusion-detection system (IDS) "appliance" that they plan to release jointly by the end of April. Unveiled at last week's RSA Conference in San Francisco, the iForce Intrusion Detection Appliance profiles network traffic and sends out alerts on security breaches and network invasions.
Targeted at enterprise users, the device is designed to sit behind the firewall and work with existing networks.
"Today's blended network attacks can cost companies lost business, legal liabilities, and the time and money spent recovering from the attack," said Charles Kolodgy, research director for security products at IDC, in a statement. The Sun and Symantec intrusion-detection appliance provides another layer of security to complement firewalls and signature-based intrusion-detection systems, he indicated.
The iForce IDS hardware is a 1U (1.75-in.-high), rack-mounted device based on Sun's LX50 server platform. It combines Sun's x86-based server running the Solaris OS x86 Platform Edition with Symantec's ManHunt network-based intrusion-detection system.
The new appliance is capable of performing intrusion-detection analysis at speeds up to 2Gbit/sec, according to Sanjay Sharma, security segment manager at Sun. The IDS appliance gathers intelligence from across the enterprise to quickly identify and respond to both known and unknown, or "zero day," attacks, Sharma said.
Sun and Symantec worked together to optimize the components of the new appliance for high-speed intrusion detection, as well as for the Manhunt software, said Fred Klein, senior manager of business development at Symantec, to appeal specifically to enterprise users. "Symantec has had success in the consumer and small-office space," Klein said, "and our relationship with Sun has helped us to enter the enterprise."
Additionally, the Solaris OS was "hardened" by Sun's engineers, a process that involved removing all of the components not required by Manhunt, Sharma said. Fewer lines of code mean fewer avenues of attack, he explained.
The two firms also attempted to make the appliance easy to use. According to company reps, the appliance requires minimal initial set-up and configuration. Both the Manhunt software and the Solaris OS load with a single install procedure. Once installed, the system provides a single management console to control the appliance and the ManHunt application.
The new iForce IDS Appliance will be available in four models, according to Sun and Symantec. It will be distributed through Arrow Electronics' MOCA division, with pricing starting at $21,995.
John K. Waters is a freelance writer based in Silicon Valley. He can be reached