Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

100 Percent Package Analysis Test At 10Gbps

Endace : 04 November, 2010  (New Product)
The EndaceProbe Core100 intrusion detection appliance from Endace has passed independent testing at full 10Gb for package analysis
Endace has announced the results of its performance in the unsponsored and independent NSS Labs Group Test of IDS/IPS products. The results emphatically validate Endace's claim that the EndaceProbe Core100 (EP Core100) is world leading and capable of continuously capturing and analysing every packet at full 10 Gbps speeds, making it the natural choice for monitoring high-speed critical infrastructure environments.

The tests were conducted by NSS Labs, the leading independent security product testing organisation in the world. Vik Phatak, NSS Labs' chief technology officer, said: "Even under the harshest conditions, at full 10-Gigabit capacity with 1.7KB HTTP response traffic, we could not force the EP Core100 to leak attacks. Further, the system correctly identified 100 percent of our evasion attempts without error. It is one of the few products on the market capable of servicing the high throughput demands of a true 10-Gigabit environment."

In its new national security strategy, the UK government recently cited attacks on computer networks as being among the biggest emerging threats to the UK Foreign Secretary William Hague said that, unless addressed, this could threaten the UK's 'economic welfare.' When national security is at stake and the impact of missing a single packet can be catastrophic, nothing less than guaranteed 100 percent packet capture can be accepted.

The Endace platform has been designed from the ground up for monitoring high-performance, mission critical infrastructure environments. "Our customers choose to work with us because they understand that highly accurate packet capture and time stamping underpins all aspects of network security, monitoring, latency measurement and compliance," said Neil Livingston, chief product officer of Endace. "Having worked in critical infrastructure environments with government and high frequency traders for more than ten years, we understand that to deliver the best solutions you must first have the best platform."

The exceptionally high performance of the EP Core100 is a direct result of Endace's scalable system architecture, which is tightly coupled with Endace's proprietary hardware-based DAG I/O technology. Efficient CPU utilisation enables organisations to run larger custom rule sets that deliver higher levels of attack detection and lower levels of false positives, without compromising packet capture accuracy. In situations where a system is being used to monitor operational networks that underpin critical infrastructure, it is vital to have the ability to run comprehensive rule sets that deliver the highest possible level of threat detection and accuracy, as opposed to using a resource constraint compromised rule set.

Claiming that you can continuously capture and analyse 100 percent of packets and proving it are two very different things. To that end, Endace set out to prove that its 10 Gigabit IDS product (EP Core100) really does analyse 100 percent of packets for potential security attacks at 10 Gbps. NSS Lab's Attack Leakage Test methodology has been the de facto industry standard for the past decade.

Detecting zero-day threats will always be a problem, but in its Attack Leakage test, NSS Labs tests the accuracy of IPS/IDS devices, along with performance under load. Devices are tested against a test traffic load that contains a known number of attack vectors. The load is increased to the point where the device under test starts to miss detection of attack vectors.

At all speeds up to and including 10 Gbps the EP Core100 successfully detected the beacon attack at the smallest traffic size (1.7KB) without ever exceeding 50 percent CPU utilisation.

The system makes use of the power of the established SNORT IDS (the world's most widely used open-source network intrusion detection engine) and enables users to construct their own custom rule sets from a range of different sources including open-source providers, commercial vendors and in-house specialist rule-writing teams.

For organisations seeking to monitor high-speed networks without losing a single packet, Endace's platform is proven to offer the world leading level of performance that is required for 10 Gbps environments. In addition, the platform supports a range of sophisticated integrated monitoring applications, such as Endace Netflow Generator and Endace Analytics, which enable the customer to reduce the mean-time-to-resolution based on 100 percent packet capture. The NSS Labs test report is available on request from Endace.

The combination of 100 percent packet capture on the Endace platform with the suite of integrated IDS analytics and forensic functionality makes the EP Core100 the most powerful and best performing IDS monitoring product on the market today.

The EP Core100 is available now and list price is $248,000 USD.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo