Nevis Unveils LANsecure
MOUNTAIN VIEW, Calif. -- Today, Nevis Networks announced its LANsecure™ architecture, the heart of Nevis’ comprehensive LANenforcer™ product family. The LANsecure architecture enables enterprises to solve LAN security challenges with Nevis’ patent-pending, massively parallel LANsecure ASIC, which integrates enterprise networking and comprehensive access control with multiple threat detection methodologies, all at multi-gigabit wire speeds.
“With this announcement, Nevis has significantly raised the bar for complete LAN security,” said Rodney Thayer, security analyst, Canola & Jones (www.canola-jones.com). “The new Nevis ASIC-based architecture not only incorporates multiple security functions that previously required separate devices, but it also performs these functions at previously unavailable performance levels. The LANsecure architecture delivers the power required to cost-effectively deploy defense-in-depth, protecting each user and making powerful per-port LAN security a reality for the first time.”
Massively Parallel Architecture Redefines Threat Control The LANsecure architecture is massively parallel and has an integrated software stack, enabling it to accelerate multiple security functions simultaneously, including stateful firewall; threat signature matching; traffic, protocol, and behavior anomaly detection; and endpoint quarantine. Each packet passes through the ASIC at wire speed while it is examined for anomalous traffic patterns, individual security violations, and threat and malware signatures.
The LANSecure architecture delivers six threat control methodologies that operate in parallel for the most accurate threat detection available:
- The policy-driven stateful firewall provides user-based Network Access Control (NAC) and protects against Denial of Service Attacks (DoS and DDoS), packet buffer exhaustion attacks, SYN flood attacks, and connection highjacking.
- Threat signature matching identifies known threats and speeds up incident resolution. Hardware acceleration and parallel pattern matching eliminate the performance degradation usually associated with signature-based security devices.
- Hardware acceleration enables ultra-fast detection of traffic anomalies for which signatures are not yet available and blocks them in microseconds.
- Protocol anomaly detection utilizes stateful pattern matching which looks for conditions that violate normal behavior in protocols including IP, TCP, UDP, ICMP, and HTTP.
- Behavior anomaly detection builds individual behavior profiles, based on user behavior and IP addresses, that increase the accuracy of threat containment and reduce false positives.
- Automatic endpoint quarantine is initiated by the detection methods above in response to threats. Response is policy-controlled and includes redirection for remediation and blocking of network access.