Inkra Networks Announces The First Virtualised Security Platform To Provide Enterprises “Defence In Depth”

Using Hardware-Based Virtual IDP, SSL, VPN, and Firewall Services, Inkra’s Virtual Service Switch 1500/S Creates Layers of Enterprise Security and Isolates Attacks for Defence in Depth

7th May 2003—Inkra Networks introduced today its 1500/S Virtual Service Switch (VSS), the first virtualised security platform that allows corporations to reinforce network perimeters with layers of hardware-based security services—including firewalls, virtual private networks (VPNs), intrusion detection and protection (IDP), and secure sockets (SSL)—to plug back-door security holes and detect and eliminate attacks. Rather than deploy tens or even hundreds of security appliances to create multiple security zones, adding cost, management and operational headaches to the security process, Inkra’s new 1500/S platform enables companies to build layers and compartments of virtual, centrally controlled security services to isolate important assets and prevent network-borne attacks from spreading. Based on Inkra’s Virtual Service Architecture (VSA), this new platform makes deploying and managing network security much simpler and far more cost effective. These new products represent the second generation of systems based on Inkra’s VSA architecture, which has been tested and proven in production networks throughout 2002.

In combination with the 1500/S, Inkra debuted a new IDP Virtual Service Module for its 1500 and 4000 Virtual Service Switch systems, designed to protect corporate networks from malicious and unwanted activities such as exploit, reconnaissance, Denial of Service, and misuse. The IDP module is a standard feature of the new 1500/S platform and can be optionally added to any Inkra hardware platform and centrally provisioned, deployed, and managed through Inkra’s Centre Pointâ„? Management Suite.

“With hacker threats and viruses on the rise, security is a top concern for enterprises. Previously, companies were forced to choose between a simple perimeter security strategy or a more robust, but expensive, defence-in-depth strategy. A simple perimeter strategy is not enough to protect the corporate network,” said Sanjay Dhawan, CEO and president of Inkra Networks. “Inkra’s VSS 1500/S offers enterprises a complete security solution that provides the protection capabilities of tens to hundreds of security appliances layered throughout the network, using cost-effective, customisable virtual security services.”

VSS 1500/S—Virtual and Integrated Security on Demand
Inkra’s high-performance 1500/S uses virtualisation technology to bring economies of scale, on-demand service deployment, and simplified, integrated management to enterprise security. Virtualisation allows enterprises to customise and deploy multiple, pre-tested security services on a single platform, without incremental cost increase, using a single, simplified management interface.

“Inkra allows us to have a unified view into multiple services simultaneously and reconfigure services at will. Virtual services can be created very quickly and don’t require us to add new hardware to the network,” said Lim Kim Soon, systems engineer at the Singapore Defence Science & Technology Agency.

Inkra’s unique HardWallâ„? technology guarantees performance of all security services in hardware, allows network managers to granularly control how much security power and bandwidth is deployed per security instance, and to change those levels on the fly. HardWall also enforces separation and fault isolation of security services and prevents denial-of-service attacks on one security instance from having any further impact on other services in the system.

“Even though security is among the highest priorities, using standard appliances to implement a fully layered, compartmentalised defence-in-depth strategy has been too expensive for most enterprise organisations, both in terms of equipment as well as ongoing management costs,” said William Terrill, analyst at the Burton Group. “By virtualising security services, the Inkra 1500/S enables enterprises to layer and compartmentalise security in their networks, while lowering the cost of security management. Inkra can actually improve enterprise security while lowering costs. While many companies will be entering the market for the first time, Inkra Networks is the first and only current vendor that is actually shipping a true virtualised security product.”

New IDP Virtual Service Module
Inkra’s IDP Virtual Service Module (VSM) is the first fully virtualised intrusion detection and prevention product. Inkra’s IDP VSM is compatible with the industry-standard Snort signature format, a public signature database maintained by recognised security experts. Whenever new threats appear, Snort updates are available much faster than proprietary signature updates. IT managers can add, modify, and delete signatures, using Snort’s flexible security rules language, to increase accuracy and minimise false positives.

Inkra’s IDP VSM employs multiple inline techniques to detect and prevent both known and unknown attacks in real time. If an attack is detected, the IDP VSM can shut down the packet flow to disable the attack. Inkra’s IDP implementation supports multiple detection techniques, including signature matching, stateful inspection, and anomaly analysis. IT managers can program real-time attack responses to generate alerts, log session data, block traffic, or any combination of these actions.

Centralised, Automated Security
Inkra’s Centre Point Management Suite centralises and automates management procedures for all virtual security services3reducing effort, complexity, and error. Because virtual services are dynamic, engineers can deploy new services in real time, without shutting services down or interfering with running applications.

Pricing and Availability
The 1500/S series has 25 virtual racks and provides firewall, VPN, IDP, and SSL as base services. The 1500/S is available in two hardware versions. The 1504GX/S features four Gigabit Ethernet ports and is available for $43,999. The 1518TX/S features two Gigabit Ethernet ports plus 16 Fast Ethernet ports and is available for $38,499. Current Inkra customers can also purchase the IDP Virtual Service Module for the both the 1500 and the 4000 VSS.

About Inkra Networks
Inkra Networks’ Virtual Service Architectureâ„? (VSA), including the Virtual Service Switchâ„? (VSS) and Centre Pointâ„? Management Suite, offers the most adaptable and cost-effective network security, business continuity, and performance architecture in the industry. Inkra’s VSS product family virtualises and integrates multiple services—such as firewall, VPN, intrusion detection and prevention, SSL, and load balancing—in multi-gigabit hardware platforms. Together with HardWallâ„?, Inkra’s hardware-based virtualisation technology, the VSA provides the same performance and integrity as tens to hundreds of separate appliances, at a fraction of the cost. The VSA offers elastic functionality and scalability, enabling corporations to deploy, adapt, and grow network security and infrastructure as needed in real time, with far less budget, time, and effort than using appliances. Inkra Networks is headquartered in Fremont, CA, and funded by Battery Ventures, Morgenthaler Ventures, Norwest Venture Partners, Storm Ventures, and Greenstone Venture Partners.

Inkra is a registered trademark of Inkra Networks Corporation. Centre Point, HardWall, OpenRack, Virtual Rack, Virtual Rack Operating System, Virtual Rack Processor, Virtual Service Architecture, Virtual Service Module, and Virtual Service Switch are trademarks of Inkra Networks Corporation.