New devices do content filtering

New devices do content filtering

BY WILLIAM JACKSON | GCN STAFF

New types of network defenders can analyze packet content fast in all seven Open Systems Interconnection layers.

The VHB-2000 from VHB Technologies Inc. of Richardson, Texas, and the AppSwitch from Top Layer Networks Inc. of Westborough, Mass., are brute-strength devices that sit at the network perimeter in front of firewalls and routers. They work fast enough to block, divert, route or classify data without creating a bottleneck, according to their makers.

Government sales are 'becoming something of a monster for us,' Top Layer's federal sales director, Edward Arter, said. The company has sold 35 AppSwitches to federal agencies, mostly in the Defense Department. The AppSwitch is undergoing tests at the Army's Joint Interoperability Test Command at Fort Huachuca, Ariz.

Meanwhile, VHB has lined up 18 beta users for the VHB-2000 at NASA, the Navy and other DOD sites.

The AppSwitch uses proprietary application-specific integrated circuits to examine bytes in all seven OSI layers at rates up to 900 Mbps. It records details for forensic investigations and for setting security policies.

'We discovered when distributed service-denial attacks began in earnest last year that it was simple to make the architecture respond to the attacks,' said Mark Roy, senior director of marketing. About two weeks of programming resulted in what Roy called a 'better mousetrap.'

AppSwitch identifies common service-denial attacks before they hit the firewall. Suspicious traffic goes to decoy servers.

The switch can do load balancing and distribute data to multiple intrusion detection systems.

Super snooper

The VHB-2000 has a proprietary network processor with embedded algorithms to look 512 bytes deep into packets of asynchronous transfer mode, Gigabit Ethernet and packet-over-Synchronous Optical Network traffic.

'We're looking at 512 bytes at a time rather than at each byte serially,' said Ben A. Bittle, VHB's senior vice president for product development.

The AppSwitch comes in two basic models, the 2500 with 12 10/100-Mbps ports and two 100Base-FX Ethernet uplinks, and the 3500 with one or two Gigabit Ethernet uplinks. The 3500 costs from $22,900 to $30,000. The VHB-2000, available later this year, will cost $19,000 to $44,000.

Contact Top Layer at 508-870-1300 and VHB at 972-783-6880.

inside gcn

  • Congressman sees broader role for DHS in state and local cyber efforts

    Automating the ATO

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group