When firewalls and intrusion detection just aren't enough

Top Layer touts intrusion prevention appliances

  • alert
  • submit to reddit

7 Elements of Radically Simple OS Migration

Firewalls alone are not enough to thwart today's more sophisticated range of attacks, while Intrusion Detection Systems detect and record attacks, but do not block them. AV products, properly updated, can help protect against malicious code but are necessarily limited in their scope.

So enterprises and telecoms operators face a security gap which vendors are trying to plug with a fresh breed of security appliances, dubbed Intrusion Prevention Systems (IPS).

Into this arena comes Top Layer Networks, which is extending its line of appliances that guard against Denial of Service attacks to provide in-line protection against a wider range of Internet attacks. Top Layer's high speed ASIC-based appliances have impressed in tests on their effectiveness against DoS attacks so its entry into what is becoming a crowded marketplace is nonetheless significant.

Top Layer's Attack Mitigator IPS is designed to block intrusions and attacks that firewalls miss and that IDSes merely detect, reducing the risks associated with more sophisticated Internet attacks. The Attack Mitigator IPS suite of products allows good traffic to pass through while actively blocking malicious traffic such as hybrid attacks, HTTP worms, SYN floods, protocol and traffic anomalies, DoS, DDoS, and other attacks. It also blocks outbound attacks from any compromised machines within an internal network.

One of the main problems relating to IDS systems has been false positives, which Top Layer attributes to poor signatures.

Michael D Paquette (are you serious? - Ed), VP of Marketing and Product Development for Top Layer, said many attacks are well defined so companies can implement automatic detection and blocking for these kinds of attacks using Top Layer's Attack Mitigator IPS.

The Attack Mitigator IPS, which would normally sit behind corporate firewalls, does need to be tuned to customer's individual environments in order to make sure legitimate traffic is not blocked, Top Layer admits. So deployment of the product range is very much a consultancy sale.

Top Layer positions Attack Mitigator IPS as a complimentary product to firewalls and AV protection. One thing it doesn't do, for example, is scan email messages for all types of malicious code.

Attack Mitigator IPS will be offered as an additional device to users already deploying IDS systems but as an alternative to firms wanting to boost their security that don't already have IDS systems in place.

One of Top Layer's main lines of business is providing load balancing products for IDS software products, so with this week's general availability of Attack Mitigator IPS the company is going into copetition with its long-term partners.

Top Layer's Paquette was sanguine about this point saying that such co-operation/competition arrangements already exist in the industry. He says sites without IDS systems should prefer Intrusion Prevention Systems because the latter has failed to live up to its promise, and devices like Attack Mitigator IPS offer a more tangible early return on investment.

The Attack Mitigator IPS suite of products come in four flavours suited to different network configurations: Attack Mitigator IPS 100, for a departmental appliance suited to 100Mbps networks; Attack Mitigator IPS 1000, for 1Gbps networks; Attack Mitigator IPS 2400, a 2-Gbps product with redundant configuration and Attack Mitigator IPS 2800, a 2Gbps appliance with an active high availability configuration.

US list price for the Attack Mitigator IPS 100 starts at $15,000 going up to $250,000 for the IPS 2800. ®

Related Stories

Vendors sharpen tools to thwart DoS attacks
IDS users swamped with false alerts
Defending against SYN-flood DoS attacks

Best practices for enterprise data

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
VMware builds product executables on 50 Mac Minis
And goes to the Genius Bar for support
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Microsoft says 'weird things' can happen during Windows Server 2003 migrations
Fix coming for bug that makes Kerberos croak when you run two domain controllers
Cisco says network virtualisation won't pay off everywhere
Another sign of strain in the Borg/VMware relationship?
prev story


7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?