Spearhead plugs the gap in network security

Spearhead Security Technologies announced a product on 30 April that it said would provide new levels of protection against network intrusions and denial-of-service (DoS) attacks.

The product, called NetGAP, physically disconnects the corporate network from the larger Internet and forces traffic destined for the network to be routed through a NetGAP security device, thus ensuring that only secure, desired data is sent to the corporate network, according to Spearhead.

To install the system, a company adds the NetGAP device to its network, where it sits as the main connection to the Internet. The device, which has two CPUs (central processing units) and two security boards, is also connected to the corporate network. However, the CPUs and security boards are connected only via a 1 gigabit per second "gap," so data arriving at the device is not immediately sent to the corporate network, as it would be in a standard network. Rather, the first CPU terminates its network session and the data is mirrored across the "gap" to the second device.

The second device then inspects the data based on protocol to eliminate protocol attacks. Once the data has been inspected by the second CPU and found to meet user-defined security requirements, it is allowed to continue on to the corporate network. NetGAP systems also offer domain name system (DNS) protection, policy-based security options, and bandwidth control and automatic reboot features to prevent DoS attacks.

US-based Spearhead is offering two models, the NetGAP 200 and NetGAP 300. The NetGAP 300 distinguishes itself from the 200 by including a content inspection board that searches for and filters content by keyword, as well as scanning incoming data for viruses and malicious code to keep unwanted or unsafe data off the corporate network. Both models can support up to 1,000 simultaneous users, although the devices can be clustered together to allow for greater user loads, according to the company.

Such a device is necessary because security services based on operating systems are constantly vulnerable to the discovery of new security holes, said Steve Mogul, executive vice-president of business development at Spearhead. With any operating system, there will always be a security hole that someone missed, but a product such as NetGAP that does not rely on an operating system sidesteps such issues, he said.

NetGAP, and other products like it which use gap technology, represent a "new design on security products," said Charles Kolodgy, research manager at International Data Corp.

Although gap products are still a new type, they will likely see a good deal of adoption due to their access control features and their ability to segregate networks and allow for finer control, said Kolodgy.

One obstacle that might keep gap products from seeing a great deal of success is the speed degradation inherent in routing traffic through so many systems and scans, said Kolodgy.

"Performance degradation becomes a real stumbling block for a lot of these products," he said.

At least one NetGAP user has not found any performance degradation with the product. Hugh McArthur, information systems security officer at Online Resources, an application service provider (ASP) for the financial services industry, said that his company has seen no noticeable degradation. NetGAP is easy to install and configure and Spearhead has provided excellent support, said McArthur.

Online Resources is one of 35 companies worldwide, including Bezec, a telecommunications company in Israel, and several government and financial institutions in the US, that are currently using NetGAP, said Buky Carmeli, Spearhead chairman and chief executive officer.

Companies are buying NetGAP because there is an understanding that this layer of security is missing, said Carmeli. NetGAP will fill this hole, he said, because "nothing is more secure than (something that is) disconnected."

Both the NetGAP 200 and 300 are immediately available worldwide and are priced at US$30,000 (£21,000) to US$35,000 (£24,500) for the NetGAP 200 and US$50,000 for the NetGAP 300.
