Corrent's Firewall/VPN Accelerator First to Withstand DDoS Attacks While Maintaining Network Throughput.Business Editors/High-Tech Writers TEMPE, Ariz.--(BUSINESS WIRE)--Oct. 20, 2003 Tests confirm Corrent(R) S3500 Turbocard able to withstand massive DDoS attack while maintaining high rate of valid network traffic Corrent Corp., the price/performance leader in network security technology, today announced the release of an upgrade to its S3500 Turbocard Firewall/VPN accelerator that will enable it to withstand a massive Distributed Denial of Service A condition in which a system can no longer respond to normal requests. See denial of service attack. (DDoS) attack, while keeping valid network traffic flowing at a high rate. This new capability, a first for the industry, is the result of the S3500 Turbocard's huge processing capacity. The new Corrent(R) S3500 Turbocard is able to sustain 50,000 TCP (1) (Transmission Control Protocol) The reliable transport protocol within the TCP/IP protocol suite. TCP ensures that all data arrive accurately and 100% intact at the other end. sessions per second and deliver 648 Megabits per second (unit) megabits per second - (Mbps, Mb/s) Millions of bits per second. A unit of data rate. 1 Mb/s = 1,000,000 bits per second (not 1,048,576). E.g. Ethernet can carry 10 Mbps. in throughput in the face of a concentrated attack. In a typical DDoS attack, hundreds or even thousands of "zombie" computers that have been infected by a worm begin sending requests continuously to a "victim" site. The counterfeit requests quickly overwhelm the security appliance and choke off legitimate traffic, inevitably saturating the firewall and causing it to fail. DDoS attacks, which each year account for billions of dollars in economic damage worldwide, are among the most serious threats to ISPs, eCommerce, eBusiness, and corporate networks. A study by the University of California The University of California has a combined student body of more than 191,000 students, over 1,340,000 living alumni, and a combined systemwide and campus endowment of just over $7.3 billion (8th largest in the United States). at San Diego estimates that there are at least 4,000 DDoS attacks each week and the number is growing. Spread by worms such as Code Red and Slammer A worm that caused a billion dollars worth of damage on the Internet on January 25, 2003. Slammer infected computers all over the Internet by generating random IP addresses and causing the computer's buffer to overflow with its own instructions that replicate itself and start the process , the Computer Emergency Response Team (CERT) warns that the hidden programs needed to launch a massive attack can infect thousands of machines and reach global saturation within 18 hours. "The increased frequency of network security threats, including Distributed Denial of Service attacks, has resulted in demand for more complete and sophisticated network security solutions," said Ray Keneipp, vice president and service director of the Network and Telecom Strategies (NTS NTS National Technical Systems NTS National Trust for Scotland NTS Nevada Test Site NTS NT Server (Microsoft Windows) nts Not the Same NTS National Traffic System (amateur radio) ) service at Burton Group. "Solutions like Corrent's S3500 Turbocard form part of a new breed of Firewall technology that provide a significant increase in performance, allowing networks to absorb attacks while still delivering high bandwidth services." Corrent President and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. Richard Takahashi, said, "After businesses around the globe were hit by a 'can of worms' in August, IT managers told us they felt a new sense of urgency to protect their networks from these relentless attacks. As a result, our top priority for this upgrade became ensuring that our S3500 Turbocard would keep our customers' networks running at top speed even when the inevitable attack occurs. I'm excited that we have been able to deliver this new capability, along with a host of other important features to safeguard networks." In addition to the ability to withstand a DDoS attack, the upgrade for the S3500 Turbocard also includes a number of other features important to network security: -- Supports Check Point's SecureXL(TM) 2.0 and 2.1 API - Enables UDP UDP (uridine diphosphate): see uracil. (User Datagram Protocol) A protocol within the TCP/IP protocol suite that is used in place of TCP when a reliable delivery is not required. and TCP connections management on the card by shifting computationally intensive processes to dedicated acceleration devices delivering multi-gigabit performance. -- 802.1Q VLAN See virtual LAN. VLAN - Virtual Local Area Network support - Eliminates port density issues for customers seeking a Firewall solution that supports more networks then the standard WAN, LAN (Local Area Network) A communications network that serves users within a confined geographical area. The "clients" are the user's workstations typically running Windows, although Mac and Linux clients are also used. , and DMZ (DeMilitarized Zone) A middle ground between an organization's trusted internal network and an untrusted, external network such as the Internet. Also called a "perimeter network," the DMZ is a subnetwork (subnet) that may sit between firewalls or off one leg of a . -- VPN Back-to-Back tunneling - Now the Turbocard is able to perform VPN back-to-back tunneling entirely within the Turbocard. This allows VPN throughput to be maintained even when traversing two VPN tunnels. -- Dynamic Routing support - This feature expands the Turbocard's ability to operate in a high-availability configuration and is the ideal solution for customers seeking a robust firewall/VPN installation. Additionally, it supports Check Point's ClusterXL(TM) API, a software-based load sharing and high availability solution that distributes traffic between clusters of redundant gateways to increase total throughput. "With the onset of more sophisticated and frequent Internet threats, customers depend on their VPN and firewall to perform at wire-speed even under the most stringent conditions," said Gonen Fink, vice president, solutions and strategy for Check Point Software Technologies (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : CHKP CHKP Check Point Software Technologies Ltd. (stock abbreviation, AMEX) ). "The combination of Check Point's SecurePlatform and the SecureXL Turbocard provide the best performance and price/performance -- across all packet sizes -- in the Internet security industry. Our partnership with Corrent Corp. has truly produced a breakthrough product, sold under our brand, as Check Point SecureXL Turbocard and therefore available to all our channel partners and customers worldwide." The Corrent S3500 Turbocard is a 64-bit PCI (1) (Payment Card Industry) See PCI DSS. (2) (Peripheral Component Interconnect) The most widely used I/O bus (peripheral bus). , IPSec firewall/VPN accelerator card that completely offloads security processing from the host CPU CPU in full central processing unit Principal component of a digital computer, composed of a control unit, an instruction-decoding unit, and an arithmetic-logic unit. using optimized drivers for Check Point's SecurePlatform software. The card has three Gigabit Ethernet ports and incorporates two processors: a Corrent(R) 7120 security processor handles all IPSec VPN processing while an IBM NP4GS3 network processor handles firewall connections. The result is near line-rate throughput for both Firewall (2.8 Gbps) and VPN (2.4 Gbps). Latency is less than 32 us for firewall traffic and under 125 us for VPN traffic regardless of the packet size. The Corrent S3500 Turbocard is sold directly by Check Point under its SecureXL Turbocard brand. The S3500 Turbocard has a MSRP MSRP Manufacturer's Suggested Retail Price MSRP Message Session Relay Protocol MSRP Multi-Species Recovery Plan (US Fish & Wildlife Service) MSRP Member of the Society for Radiological Protection (UK) of $15,000. There is no charge for the upgrade. For more information, visit: www.corrent.com. About Corrent Corp. Corrent Corp. is the price/performance leader in Network Security technology. Corrent provides a complete line of security processors, boards, and software to enable open system suppliers to offer high-performance, competitively priced solutions that keep enterprise networks secure. Using Corrent's building blocks, VARs and system integrators can compete successfully against suppliers of more expensive, proprietary security appliances. Corrent's products have been designed into edge access networking equipment such as routers, switches, servers, access concentrators, and dedicated IP-services appliances. The company is headquartered in Tempe, Ariz. For more information, visit: http://www.corrent.com. All trademarks or registered trademarks are property of their respective companies. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion