Security to 10gig

Extreme Networks has announced network security products and feature enhancements, which are designed to counter threats while retaining throughput of information at 10Gbytes/s speed.

  • E-Mail
By  Simon Duddy Published  May 1, 2005

Extreme Networks has released network security products, which are designed to counter threats while retaining throughput of information at 10Gbytes/s speed. Extreme Networks is integrating security into the Ethernet switch, delivering the power to monitor traffic behavior, provide detection, containment and mitigation of threats when combining Extreme’s Clear-Flow security rules engine and its new Sentriant Virtual Security Resource (VSR) appliance. The solution is designed to provide a defence against Day Zero attacks, which are threats that lack a signature or previous pattern. Extreme claims that these attacks can now be contained before they cripple network performance. Extreme says that enterprises and Metro Ethernet service providers are looking for more centralised defense strategies that incorporate security across multiple links running at either 1 or 10 Gigabit speeds. While IDS/IPS solutions can work to block signature-based attacks, they scale only to 1 Gigabit speeds and work with a single link, thus requiring multiple devices to secure the network. “Network availability is the cornerstone of performance yet is jeopardised by security threats that choke-off critical network and security resources,” says Suresh Gopalakrishnan, vice president of worldwide marketing for Extreme Networks. “Extreme Networks’ security solution addresses these threats and the network’s availability when under attack by combining our award-winning switches and the new VSR. The resulting solution automatically detects and rapidly mitigates damaging behavior, at Gigabit and 10 Gigabit speeds,” he explains. Extreme Networks’ Clear-Flow security rules engine works within the BlackDiamond 10K switch and performs the bulk of the traffic analysis required throughout the network. Clear-Flow performs Layer2/3 packet inspection, isolates suspicious traffic and enforces policy based mitigation actions such as stopping the traffic or throttling the bandwidth for the suspicious traffic. If the network policy dictates that the suspicious traffic be analyzed further, then Clear-Flow will direct the suspicious traffic to Extreme’s Sentriant VSR appliance. In this case the external security appliance takes mitigation actions using the Clear-Flow Security Rules Engine and the core switch. Extreme Networks’ Sentriant VSR appliance provides fast mitigation of day zero threats working in tandem with Clear-Flow analysis engine. When Clear-Flow senses a potentially damaging attack, it mirrors suspicious traffic to the Sentriant VSR appliance. The Sentriant VSR appliance then uses sophisticated rules to detect and pinpoint the source of the attack and renders the offending attack benign in a matter of seconds used alone or in conjunction with Clear-Flow. Clear-Flow, available now, is standard with the BlackDiamond 10K switch. The Sentriant VSR appliance will be available this summer, at a list price of US$41,995.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code