Network Security

Today's network threats are more sophisticated and daily commonplace than ever before. All types of enterprises and information are being targeted. Following the inexorable rise in the demand for bandwidth, the adoption of 10 Gigabit Ethernet is accelerating. More and more network attacks are increasingly coming to fruition, producing an exponential rates stream of intrusion traffic. The growth of high speed networks has always presented a challenge to the network security appliances which are now a mainstay in the corporate security arsenal. Today, that challenge is compounded by the very fluid, dynamic nature of security requirements. The leading categories of network security appliances include IPS and next-generation firewall(NGFW). Unlike traditional security devices which examine packet headers alone, modern malware protection requires IPS and NGFW to examine the entire packet – called deep packet inspection – and is capable of detecting and blocking application level attacks that exploited specific vulnerabilities. For example, an IPS must effectively bring both deep packet inspection and stateful pattern matching together with security enforcement and blocking to recognise and stop malicious traffic. As a result, the biggest challenge for network security appliance is delivering security at the performance levels required by today's networks. Put simply, the speeds of networking technologies have far surpassed the CPU-centric processing capabilities of today's security appliances to monitor, analyse, filter, and defend the network. The result is a dilemma for corporations – slow the network and ensure security or provide a high speed network with reduced security protection. Thus, an important steps for network security appliance to solve this dilemma is to separate DPI task from CPU by implementing DPI offload engine in network adapter environments. The following table summarizes the advantages of InterStream products over others for high performance network security solutions.