- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
Network World - A start-up named Broala has been formed to expand the open-source intrusion detection system known simply as Bro that has been used in high-speed research networks for about two decades.
The Bro IDS has been used for security monitoring in high-speed networks, notably the Energy Sciences Network (ESnet) which has deployed it for about 15 years to monitor and protect ESnet. The founders of Berkeley, Calif.-based Broala say they intend to maintain Bro’s open-source heritage but also to expand this core open source code to include newer applications.
“There are hundreds of potential applications for this programming language,” says Liam Randall, managing partner at Broala, co-founded with key open-source Bro developer Vern Paxson as chief scientist, Robin Sommer as director of R&D, and Seth Hall as director of engineering.
Randall says examples of what could be done further with Bro include possibly building a data-loss prevention system that might be combined with the Bro IDS or other various appliances. There’s a growing demand for professional services related to Bro, and Broala as a start-up could provide customer support, he points out.
Randall said Bro development has been funded by grants by the National Science Foundation. But the establishment of privately held Broala (which publicly reports no venture capital funding yet) is a step to further modernize Bro in a more commercial setting where demand has been building. Randall estimated that there may be as many as 10,000 organizations in both the government and private sector that use the open-source Bro IDS today.
One of the best-known Bro IDS deployments has been at ESnet. Greg Bell, scientific networking division director of ESnet, says the high-speed network supports 100Gbps speeds between 40 main Department of Energy (DoE) labs and other sites. Because ESnet was designed as a high-performance network for use by the national laboratories, such as Lawrence Berkeley National Laboratory, it has been optimized for large-scale data transfers that scientists might require, with a single data flow reaching 10Gbps.
The Bro IDS supports high speeds effectively, according to Bell, who adds it has proven to be a flexible security tool to monitor ESnet via its use on a LAN. He adds Bro isn’t used in-line to block suspected attacks but can be configured to take specific actions, such as communicating with a border router to block certain traffic.
Bro, running on Free BSD as freely downloaded-code, now has IPv6 support, Bell says. Like any IDS, it has a “learning curve” and may generate a false alert, he points out. He says the establishment of the start-up Broala appears to be a positive sign for the future of the Bro IDS.
Bro’s inventor is said to be Broala’s chief scientist Vern Paxson, who’s also professor of networking and security at the University of California, Berkeley, and director of networking and security research at the International Computer Science Institute in Berkeley.