Choice in intrusion-detection systems gets wider this week as start-up NetContinuum makes its debut with a Web security appliance, while ForeScout Technologies and Top Layer Networks expand their product lines for thwarting network attacks.
NetContinuum will unveil the Web Security Gateway NC-1000, an application-layer gateway appliance that sits behind a firewall and in front of a Web server to block HTTP-based attacks and serve as a proxy for access control and Secure Sockets Layer (SSL) encryption processes.
NC-1000 is intended to perform application-intrusion prevention, as competitors Sanctum, KaVaDo and Stratum8 do with their software-based products, but it also offers an encryption engine and access control based on passwords or certificates.
NC-1000 can reach near-gigabit speed to process 6,000 encrypted sessions per second or 1 million unencrypted sessions. The gateway also can hide information about the Web site, making it harder for hackers to determine the Web server platform.
"We wanted to 'masquerade' our front-end systems," says Mike O'Connell, systems architect at Ross Stores in Newark, Calif., who's been beta-testing the NC-1000 as a core security component for the retail chain's Web-based business-to-business site.
"But we were also looking to solve three or four problems at once with this, including SSL encryption and intrusion detection," he says.
Ross Stores is opting to use the public-key digital certificate capability in NC-1000 to provide its trading partners with a certificate for secure access to the Ross Stores Web site. NC-1000 also can provide a log of Web-based transactions and time-stamp them.
According to Pete Lindstrom, research director at Spire Security, there is no other product comparable to NC-1000. "This represents a convergence between the IDS and trust capabilities in one security appliance," he says.
NetContinuum was founded by two network engineers, Peter Roman, vice president of engineering, and Jan Bialkowski, CTO, with $36 million in venture capital funding, primarily from Menlo Ventures, according to Wes Wasson, NetContinuum's vice president of marketing.
The interest in stopping attacks rather than simply monitoring them has other IDS vendors stepping up their own efforts.
ForeScout, which last year introduced ActiveScout Site Solution for stopping network-based attacks outside the perimeter firewall, now has a version of the IDS that can be managed more effectively across a large company.
Unlike the first version of ActiveScout, in which each Scout device had to report to its own management console, the new version available this week, called ActiveScout Enterprise, lets a central console manage up to 50 Scouts.
The Scout device doesn't block attacks but instead thwarts connections from attackers through techniques such as TCP reset, says Nancy Blair, ForeScout's vice president of marketing.
Meanwhile, Top Layer will announce products aimed at letting customers block HTTP Port 80 attacks. Top Layer's previous Attack Mitigator products focused on stopping denial-of-service attacks.