Inkra adds security services to appliance

Network appliance maker Inkra Networks is hoping to tap the seemingly unquenchable thirst for more and better network security with a new appliance that offers virtual security services.

The Inkra 1500/S Virtual Service Switch (VSS) uses Inkra’s existing 1500 and 4000 VSS platforms and Virtual Service Architecture (VSA), to deploy virtual hardware-based security services such as firewalls, virtual private networks (VPNs), intrusion detection and protection (IDP) and secure sockets (SSL), according to a statement released by the company on Monday.

The 1500/S series is capable of managing 25 virtual racks and provides firewall, VPN, IDP, and SSL as base services. Using the device, corporations can isolate critical network assets.

For example, network security administrators could use the Inkra 1500/S to deploy a firewall and SSL service for each application server in a data center, plugging security holes and preventing network-borne attacks from spreading, according to Dave Roberts, vice president of strategy at Inkra.

As with the company’s earlier VSS releases, the 1500/S uses Inkra’sHardWall technology to isolate each virtual rack, preventing service failures or denial of service (DoS) attacks on one virtual rack from affecting the performance of other racks.

The company’s Center Point Management Suite provides central control and management of all the virtual racks and security services on a single 1500/S device. New virtual racks and security services can be created and deployed dynamically without requiring the entire appliance to be rebooted or interfering with the operation of other racks, according to Inkra.

The Center Point Management software operates from a separate, standalone server running the Microsoft Windows operating system or Sun Microsystems’ Solaris OS, Roberts said.

Because of the demands of working in a virtual environment, Inkra had to develop many of the security components in-house, according to Roberts.

The IDP sensor was built from scratch, but designed to be compatible with the Snort signature format and rule base, allowing customers to import SNORT rules directly into the Inkra appliance.

The IDP technology supports signature matching, stateful inspection, and anomaly analysis, according to Inkra.

The 1500/S’s VPN component uses imported code licensed from a third party, while the firewall component was developed internally, Roberts said.

The 1500/S is available in two hardware versions:

— The 1518TX/S features two Gigabit Ethernet ports plus 16 Fast Ethernet ports and is available for $34,999.

— The 1504GX/S features four Gigabit Ethernet ports and is available for $39,999.

In addition, Inkra customers can purchase the IDP Virtual Service Module as a separate service for the both the 1500 and the 4000 VSS, according to Inkra.