Clean That Network Traffic

Wednesday, October 31, 2012

Richard Stiennon


Here at IT-Harvest Global Headquarters we have installed a new technology: reverse osmosis water filtering. Our water may have lost some of its tang but it is clean.

Even our ice-cubes are clearer now. Reverse-osmosis is an apt metaphor for Corero’s new positioning. Long known for their Denial of Service Defense and Intrusion Prevention products, Corero has learned much about the dirty nature of Internet traffic over the last decade. Now they are positioning their products as the First Line of Defense, a message that resonates on multiple planes.

Look at the off-loading advantage. Email servers have long been one of the most critical components of an enterprise infrastructure and vendors like Trend Micro, Symantec, and Cisco (IronPort) have done well putting devices in front of the email servers as a first line of defense to filter out malware and spam.

On the network side IPS is analogous to anti-virus for email and DDoS defense is analogous to anti-spam. By combining both functionalities, Corero has introduced a concept for the network that has already been proven in front of email servers.

When we think Denial of Service (DoS) we tend to think of the headline grabbing DDoS attacks like those against a couple of major banks that started last week. But there is a lot of unwanted network traffic that is not just purely malicious. The travel industry is constantly fighting screen scraping competitors or aggregators that grab their current pricing.  Industry specific web crawlers or vulnerability discovery bots, network scans, and resource exhaustion attacks against web servers are rampant.

So why not deploy an intelligent appliance behind the router and in front of the firewall? Filter out all the junk before you expend any resources in your firewall, or log all the events with your IDS/SEIM. Reduce your need for multiple servers and load balancers. Corero’s First Line of Defense is like reverse osmosis for your network.

Possibly Related Articles:
Information Security
Denial of Service DDoS Network Security Security Solution
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked