Tuesday, April 4, 2006

Narus Enhances its Carrier-class IP Security & Intercept Platform

Narus announced major enhancements to its "NarusInsigh", a carrier-class IP traffic processing system that provides real-time network visibility essential to secure, manage and deliver Services over IP (SoIP).

The platform can be used for advanced IP security, intercept and traffic classification, including blocking specific applications.

NarusInsight 5 now processes full-packet layer 7 traffic at speeds up to OC-48 (2.5 Gbps) and layer 4 traffic at speeds up to OC-192 (10 Gbps). In addition, NarusInsight 5's new security application modules (the NarusInsight Secure Suite) feature "entropy-based security algorithms," providing telecom carriers with early detection of sophisticated new-breed anomalies such as low-volume and polymorphic worms, layer 7 protocol attacks, and application attacks.

Narus noted that its systems have been installed by Tier 1 carriers such as AT&T, KDDI, Vodafone and Korea Telecom.

NarusInsight's extensible application modules include:

NarusInsight Secure Suite (NSS), which leverages behavior-based security algorithms to detect low volume or latency threats, and even polymorphic worms -- hours or even days before previously possible. Advanced VoIP security provides port-independent, layer 7 security for scanning, targeting and flooding attacks as well as call hijacking and protocol exploit attacks.

NarusInsight Intercept Suite (NIS), which includes CALEA- and ETSI-compliant modules for lawful intercept. Capabilities include playback of streaming media (for example, VoIP calls), rendering of Web pages, examination of e-mails and the ability to analyze the payload/attachments of e-mail or file transfer protocols. A proprietary directed analysis monitoring and surveillance module provides integration with the NSS or other DDoS, intrusion or anomaly detection systems, securely providing analysts with real-time, surgical targeting of suspect information (from flow to application to full packets).

NarusInsight Discover Suite (NDS), which supports detection of the following services and protocols for the purposes of billing, quality of service, planning and provisioning as well as blocking:

  • VoIP (SIP, H.323, MGCP, RTP, RTCP)

  • Skype

  • Streaming media (RTP, RTSP)

  • Peer-to-peer (Gnutella, BitTorrent, KaZaa, eDonkey, etc.)

  • Web (HTTP, SMTP, POP3, IMAP)

  • Messaging (IM, MMS)

  • Push-to-talk

See also