Start-ups unveil security appliances

Start-ups Crossbeam Systems and Imperva this week each will introduce security appliances aimed at protecting corporate resources from an assortment of threats.

Start-ups Crossbeam Systems and Imperva this week each will introduce security appliances aimed at protecting corporate resources from an assortment of threats.

Crossbeam unveiled the C10, a version of its multi-function security gateway appliance for small to midsize businesses (SMB). The C10 combines firewall, VPN, intrusion detection, anti-virus, Web filtering and content scanning of mobile code. It is expected to ship next month.

The box, which costs $10,000, supports six 10/100/1000M bit/sec copper ports or four 10/100/1000 copper ports and two gigabit fiber ports for network interfaces. It runs software from third-party security vendors Alladin, Check Point, Internet Security Systems, Trend Micro and Websense.

The box competes against multifunction appliances from NetScreen Technologies and Nokia, according to Troop Wilder, vice president of marketing at Crossbeam. Crossbeam's X-Series appliances are used primarily by ISPs and large organizations.

Imperva - whose CEO Schlomo Kramer founded Check Point - last week introduced an application-layer firewall appliance, the SecureSphere G400, designed to work both at the Internet gateway and inside the corporate network to block attacks against Web servers and Oracle or Microsoft SQL databases.

The 400M bit/sec appliance, which costs $30,000, monitors up to 1,000 HTTP requests per second.

Imperva competes with KaVaDo, Sanctum and Teros. Although application-layer firewalls can be hard to configure because of the variations in applications, SecureSphere G400 is designed to be deployed in 30 minutes after it "learns" customary site usage, Kramer says.

Ontario Teachers Pension Plan, a funds management company in Toronto, says deployment was fairly simple.

"We let it run in learning mode for a week where it learned about 65,000 uses of our Web site," says Greg Mooney, senior technical team leader. "We reviewed them to make sure it was normal."

Putting the G400 into blocking mode to stop attacks was then "a no-brainer," Mooney says. The main consideration was configuring the company's network to provide a sniffer port for the G400 to use.

Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies