FireCloud shares security intell among devices
Company previews product at Black Hat conference
- By William Jackson
- Jul 29, 2010
LAS VEGAS—Red Lambda, a security company that grew out of a University of Florida research program to police peer-to-peer file sharing on campus, is demonstrating at the Black Hat Briefings a new product code-named FireCloud that it claims is the first to integrate the functionality of multiple network security devices.
"It’s more than co-location,” said Robert Bird, company president and chief technology officer. “They share intelligence.”
FireCloud will use the computing power supplied by the company’s cGRID cloud framework to provide firewall, intrusion detection, anomaly detection and traffic shaping capabilities in a single tool. The idea is to improve security by breaking down the silos of traditional point products that operate separately, allowing them to share and respond to information, Bird said.
"Security typically is a tradeoff” between accuracy and network performance, Bird said. Harnessing the horsepower of a local computing grid is intended to provide a high level of security without interfering with performance.
Red Lambda is signing up beta users for the new product, which is expected to be released early next year.
The company’s signature product is Integrity-P2P, which universities use to control the use of peer-to-peer file sharing by students. The use of file sharing networks to illegally distribute copyrighted material became a concern in the last decade and the music industry targeted universities, whose high-speed networks were used by student populations to download music files, for legal action. Integrity uses identity aware technology to identify users, monitor peer-to-peer activity and block potentially illegal sharing.
The application runs on the cGRID collaboration platform, which uses Java agents running in background on network clients. The resulting grid amounts to what Bird called a “virtual supercomputer” to support security applications.
"The average computer is only busy about 2 percent of the day,” Bird said. Servers use, on average, only 30 percent to 50 percent of their capacity. Even if the agents are given the lowest application priority, the grid typically has large reserves of computing power available to it, which can allow the application to scale with the network.
Red Lambda also is releasing its IdentiCloud system, an identity-aware tool to map the location, identity, history and organizational context of all users with access to an internal network.
The company is making bold claims for FireCloud, which Bird said could allow users to consolidate and replace traditional point security tools. The distributed computing grid would enable deep packet inspection for every desktop.
The company developed the tool’s anomaly detection engine with a grant from the National Science Foundation to provide high performance pattern recognition. Previous anomaly detection engines, which recognize patters of activity and identify unusual activity that could indicate a threat, had a success rate of 96.5 percent, Bird said. “We were five-9s accurate,” or 99.999 percent, he said. False positives dropped from 10 percent to one one-millionth of a percent, while operating at 40 gigabits/sec, he said.
Beta testers will be able to put FireCloud through its paces in real-world environments to validate these claims and identify areas of needed improvement.
William Jackson is a Maryland-based freelance writer.