When firewalls and intrusion detection just aren't enough

Top Layer touts intrusion prevention appliances

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

Firewalls alone are not enough to thwart today's more sophisticated range of attacks, while Intrusion Detection Systems detect and record attacks, but do not block them. AV products, properly updated, can help protect against malicious code but are necessarily limited in their scope.

So enterprises and telecoms operators face a security gap which vendors are trying to plug with a fresh breed of security appliances, dubbed Intrusion Prevention Systems (IPS).

Into this arena comes Top Layer Networks, which is extending its line of appliances that guard against Denial of Service attacks to provide in-line protection against a wider range of Internet attacks. Top Layer's high speed ASIC-based appliances have impressed in tests on their effectiveness against DoS attacks so its entry into what is becoming a crowded marketplace is nonetheless significant.

Top Layer's Attack Mitigator IPS is designed to block intrusions and attacks that firewalls miss and that IDSes merely detect, reducing the risks associated with more sophisticated Internet attacks. The Attack Mitigator IPS suite of products allows good traffic to pass through while actively blocking malicious traffic such as hybrid attacks, HTTP worms, SYN floods, protocol and traffic anomalies, DoS, DDoS, and other attacks. It also blocks outbound attacks from any compromised machines within an internal network.

One of the main problems relating to IDS systems has been false positives, which Top Layer attributes to poor signatures.

Michael D Paquette (are you serious? - Ed), VP of Marketing and Product Development for Top Layer, said many attacks are well defined so companies can implement automatic detection and blocking for these kinds of attacks using Top Layer's Attack Mitigator IPS.

The Attack Mitigator IPS, which would normally sit behind corporate firewalls, does need to be tuned to customer's individual environments in order to make sure legitimate traffic is not blocked, Top Layer admits. So deployment of the product range is very much a consultancy sale.

Top Layer positions Attack Mitigator IPS as a complimentary product to firewalls and AV protection. One thing it doesn't do, for example, is scan email messages for all types of malicious code.

Attack Mitigator IPS will be offered as an additional device to users already deploying IDS systems but as an alternative to firms wanting to boost their security that don't already have IDS systems in place.

One of Top Layer's main lines of business is providing load balancing products for IDS software products, so with this week's general availability of Attack Mitigator IPS the company is going into copetition with its long-term partners.

Top Layer's Paquette was sanguine about this point saying that such co-operation/competition arrangements already exist in the industry. He says sites without IDS systems should prefer Intrusion Prevention Systems because the latter has failed to live up to its promise, and devices like Attack Mitigator IPS offer a more tangible early return on investment.

The Attack Mitigator IPS suite of products come in four flavours suited to different network configurations: Attack Mitigator IPS 100, for a departmental appliance suited to 100Mbps networks; Attack Mitigator IPS 1000, for 1Gbps networks; Attack Mitigator IPS 2400, a 2-Gbps product with redundant configuration and Attack Mitigator IPS 2800, a 2Gbps appliance with an active high availability configuration.

US list price for the Attack Mitigator IPS 100 starts at $15,000 going up to $250,000 for the IPS 2800. ®

Related Stories

Vendors sharpen tools to thwart DoS attacks
IDS users swamped with false alerts
Defending against SYN-flood DoS attacks

Secure remote control for conventional and virtual desktops

More from The Register

next story
Ellison: Sparc M7 is Oracle's most important silicon EVER
'Acceleration engines' key to performance, security, Larry says
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Hey, what's a STORAGE company doing working on Internet-of-Cars?
Boo - it's not a terabyte car, it's just predictive maintenance and that
Troll hunter Rackspace turns Rotatable's bizarro patent to stone
News of the Weird: Screen-rotating technology declared unpatentable
prev story


A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.