
Security appliance adds P-to-P controls

By Ellen Messmer, Network World
June 23, 2003 12:01 AM ET

TippingPoint Technologies has announced an intrusion-prevention appliance that the company says can block a half-dozen peer-to-peer applications, including BearShare, Gnutella, iMesh, Kazaa, Limewire and WinMX.

TippingPoint's UnityOne 200 is a gateway appliance that supports 200M bit/sec traffic throughput at the gateway. As an intrusion-prevention system (IPS), it monitors real-time traffic much like TippingPoint's higher-end models - the UnityOne 1200, 2400 and 2000 - that reach gigabit speeds.

The UnityOne 200, aimed at small- or remote-office use, is the first appliance in the TippingPoint line to monitor for peer-to-peer file sharing. Several vendors, including Akonix and WebSense, offer content-filtering products to block peer-to-peer applications at the gateway as concern grows about peer-to-peer as a bandwidth hog and possible source of copyright violations.

"Copyright infringement is a concern with the uploading or downloading of video and music files," says Mike Phillips, CIO at Texas Tech University Health Sciences Center medical school in Lubbock, which has been beta-testing the UnityOne 200. "People in their 20s sometimes don't appreciate the magnitude of what they're doing and that there may be serious consequences to using [peer-to-peer] applications."

Peer-to-peer can be especially hard to trace because the peer-to-peer applications often have been designed to be elusive, using techniques such as port-hopping to try to fool intrusion-detection systems and content-filtering devices. In addition, new peer-to-peer applications appear continuously and old applications change.

Phillips says he knows that the appliance might not catch every peer-to-peer application on the Internet. He says the TippingPoint appliance blocks about six of them.

"These services are constantly morphing, so trying to stop 100% of the traffic may be naive and overly optimistic," he says.

Texas Tech University Health Sciences Center also uses the UnityOne 200, which costs about $25,000, to block attack traffic from the Internet. TippingPoint says it also is adding the peer-to-peer blocking to its other higher-speed IPS appliances.

Meanwhile, another intrusion-prevention security appliance vendor, NetContinuum, has announced it will enhance its Web Security Gateway line of 100M bit/sec and gigabit-speed appliances.

The Web Security Gateway appliances cost from $38,000 to $52,000. They hide details about Web servers and applications through a "Web site cloaking" method, and they stop attacks through anomaly detection and application profiling, which block attempts to manipulate a server in an unexpected way.

Until now, each Web Security Gateway appliance - which typically is deployed behind the firewall - had to be managed by a separate console. The new management console can provide a view of multiple Web Security gateways across the enterprise, according to NetContinuum's Vice President of Marketing Wes Wesson.

The appliance can also push out policies to every Web Security Gateway, or configure each Web Security Gateway to support multiple policies - such as one for internal employees and another for business partners, according to Wesson.
