On Tuesday the vendor, Top Layer Networks, will unveil SecureWatch, a software application that sits between the Internet and the firewall to monitor all network traffic.
According to Mark Roy, Top Layer's director of product development, the product captures all extrinsic data before it enters the firewall, enabling an enterprise to monitor all traffic based on a user's identity, regardless of location.
Roy said that the issue for network managers working in complex distributed environments is tracking user logins to the network from a variety of sources such as notebooks and wireless devices. The network model of old said there was only a single pathway to the network. "In this new environment we can no longer create policy rules based on single sub-texts," he said. "The only thing that remains constant is the user and the content."
However, according to Top Layer, one of SecureWatch's biggest draw cards is its ability to maintain accurate records of all logins from the point of entry to a network.
The software stores data at a central repository in real time, at this stage on a Microsoft SQL Server database. The product is slated to run on Oracle databases later this year. "Capturing all of this network activity before and during the event, you now have all this forensic evidence of an attack," Roy said.
Top Layer has already tested the product, which is built for carrier-class IP (Internet Protocol) networks, in Australia at enterprise carrier Macquarie Telecommunications and at customer sites in North America.
Life is made even harder for hackers by the product's ability to constrain the network to specific zones or affinity groups. According to Roy, this limits hackers' ability to penetrate an entire network, particularly in cases of internal attacks. Security is also strengthened by tight integration with Check Point's firewall products.
A free, limited version of SecureWatch will be available for download from www.toplayer.com on Tuesday. The software includes a purchase order for the $3,000 (£2083) server component, which contains the key to unlocking additional system log formats.
Additional costs, as required, include the SQL Server database agent at $20,000, the Check Point Event Logging API (ELA) agent at $5,000, and the Cisco NetFlow agent at $20,000. Roy said the Oracle agent is expected to cost $20,000 and will be available in October.