New devices do content filtering

New devices do content filtering


New types of network defenders can analyze packet content fast in all seven Open Systems Interconnection layers.

The VHB-2000 from VHB Technologies Inc. of Richardson, Texas, and the AppSwitch from Top Layer Networks Inc. of Westborough, Mass., are brute-strength devices that sit at the network perimeter in front of firewalls and routers. They work fast enough to block, divert, route or classify data without creating a bottleneck, according to their makers.

Government sales are 'becoming something of a monster for us,' Top Layer's federal sales director, Edward Arter, said. The company has sold 35 AppSwitches to federal agencies, mostly in the Defense Department. The AppSwitch is undergoing tests at the Army's Joint Interoperability Test Command at Fort Huachuca, Ariz.

Meanwhile, VHB has lined up 18 beta users for the VHB-2000 at NASA, the Navy and other DOD sites.

The AppSwitch uses proprietary application-specific integrated circuits to examine bytes in all seven OSI layers at rates up to 900 Mbps. It records details for forensic investigations and for setting security policies.

'We discovered when distributed service-denial attacks began in earnest last year that it was simple to make the architecture respond to the attacks,' said Mark Roy, senior director of marketing. About two weeks of programming resulted in what Roy called a 'better mousetrap.'

AppSwitch identifies common service-denial attacks before they hit the firewall. Suspicious traffic goes to decoy servers.

The switch can do load balancing and distribute data to multiple intrusion detection systems.

Super snooper

The VHB-2000 has a proprietary network processor with embedded algorithms to look 512 bytes deep into packets of asynchronous transfer mode, Gigabit Ethernet and packet-over-Synchronous Optical Network traffic.

'We're looking at 512 bytes at a time rather than at each byte serially,' said Ben A. Bittle, VHB's senior vice president for product development.

The AppSwitch comes in two basic models, the 2500 with 12 10/100-Mbps ports and two 100Base-FX Ethernet uplinks, and the 3500 with one or two Gigabit Ethernet uplinks. The 3500 costs from $22,900 to $30,000. The VHB-2000, available later this year, will cost $19,000 to $44,000.

Contact Top Layer at 508-870-1300 and VHB at 972-783-6880.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected