Inkra Hops on IDS Bandwagon

Following a flurry of new intrusion detection and prevention (IDP) appliances coming to market, data center switch maker Inkra Networks yesterday announced that it has baked the technology into its new switch (see Inkra Does IDS).

The company, which announced its first data center switches a year ago, says its new 1500/S switch adds IDP to the mix of virtualized security services it offers its customers (see Inkra Virtualizes Data Center). The pizza-box sized device enables customers to turn on IP security services such as firewalls, VPNs, and now IDP -- thus replacing tens, or even hundreds, of individual devices, the company claims. Each switch offers 25 virtual racks. As with its previous security offerings, Inkra says it has built its IDP technology from the ground up.

In addition to the new 1500/S switch, Inkra also announced a new IDP service module for its 1500 and 4000 switches, allowing customers to add the technology to their existing switches.

The market has seen a rash of new IDP product announcements lately, as well as several high-profile acquisitions of IDP startups (see IDS Feeding Frenzy Continues). A recent Infonetics Research Inc. report forecasts that the IDP market will soon experience explosive growth, and report author Jeff Wilson characterizes the technology as a checklist item for any company serious about selling security (see Report: IDS Takes Flight).

IDP may be all the rage at the moment, but the technology still has plenty of critics. “I think [Inkra] has a very good product, but I think the focus on IDS is wrong,” says Burton Group analyst Bill Terrill, insisting that the technology still hasn’t proven itself. “I’m a firm believer in good security, but I’m not a firm believer in IDS at this point… But I guess it’s something they have to have as a marketing checklist.”

The main problem with traditional intrusion detection systems (IDS) has been the number of false alarms they generate, flagging legitimate traffic along with the illegitimate. Flipping an automated prevention switch on a traditional IDS product would mean shutting down the network. Like other IDP vendors such as Cisco Systems Inc. (Nasdaq: CSCO) and NetScreen Technologies Inc. (Nasdaq: NSCN), Inkra now claims to have solved the accuracy problem that has provoked skepticism about the technology.

Inkra stands apart from its peers, however, in that it appears to be the first company to virtualize the technology, allowing centrally managed virtual IDP gateways to be spread throughout the network. In this regard, Inkra’s new switch butts heads most directly with the likes of Cisco, which has declared a strategy of embedding security into routers and switches throughout the network (see Cisco's Security on a Switch). Inkra, however, is quick to point out that Cisco doesn’t do virtualization, making the management of its many different security products much more complex.

The virtualized security functions on Inkra’s new switch can either be used in place of a number of separate appliances, or to reinforce the devices companies already have installed, according to company vice president of marketing Dave Roberts. Inkra’s new IDP offering can, for instance, function as a bookend to existing firewalls, alerting network administrators to what’s getting through their installed devices, Roberts says.

Burton’s Terrill may be skeptical of Inkra’s foray into intrusion detection and prevention, but he says the company has a great overall virtualization story. “These devices can reduce your box count from dozens to half a dozen,” he says. “And their virtualized firewall, VPN, routing, switching, and load-balancing make this a great product."

Inkra recently got a new competitor in the virtualizing switch market: Last week, Nauticus Networks Inc. announced its first family of switches (see Nauticus Dives Into the Data Center). But while Nauticus also offers security services, the company is going more after the high-speed load-balancing portion of the data center. On the security side, observers say, Inkra really needs to worry most about Cisco.

Inkra claims that its switches not only greatly simplify the typically very complex data center, but that they also offer huge cost savings. The new 1500/S switches range from $34,999 to $39,999.

— Eugénie Larson, Reporter, Light Reading

Be the first to post a comment regarding this story.
Sign In