NSFocus introduced its Web application firewall, an intrusion-prevention system, system appliances designed to thwart distributed denial of service attacks and a Web security service as part of its North American launch.
Chinese security company
NSFocus opened its North American headquarters in Santa Clara, Calif., and
introduced its line of network-security appliances in the United States.
NSFocus offers cloud-based Web security services and three
hardware appliances with a Web application firewall, network-intrusion
detection and prevention, and anti-DDoS) anti-distributed-denial-of-service
capabilities. The company made its formal launch announcement May 9 at Interop in
NSFocus will be competing in
an already-crowded security space with established companies such as Cisco
Systems, Fortinet, HP/TippingPoint, IBM ISS, Juniper Networks, Intel's McAfee
and SonicWALL. The company also has to contend with the "elephant in the room,"
namely, whether a Chinese company could be trusted to handle security in light
of all the malicious Web activity that originates from that country, Frank Ip,
vice-president of North American operations at NSFocus, told eWEEK.
"There's an impression of
China being all about hackers and not really sympathetic to North American
companies," Ip said. Hackers don't describe all Chinese companies, and
especially not the team at NSFocus, who is "hard working" and emphasizes "due
diligence" in everything, according to Ip. The company is privately owned and
has no government involvement, so customers don't have to worry about the
Chinese government getting involved with their security infrastructure.
The company has been around
for a long time in the Asia Pacific and is "not new" just because the U.S.
market doesn't know about it, said Ip. NSFocus has several U.S. partners who
work overseas and those partners were the ones who requested the company set up
a North American presence, according to Ip.
The first appliance that
NSFocus is introducing to the market is a Web-application firewall. It sitsinline in front of Web applications to
prevent attacks and allows the IT security team to fine-tune filters and
establish policy. It also provides an anti-defacement cache so that compromised
sites can remain online while being remediated in the background.
The Web application firewall
appliance has been available to Asia-Pacific customers and has been "flying off
the shelves," Vann Abernethy, product manager in North America at NSFocus, told
It is a simple step to set
policy and say "block future incidents like this" while the IT manager is
fixing a problem or looking at an existing exploit, Abernethy said. The
appliance also allows companies to meet compliance requirements, especially the
one in PCI-DSS that states companies have to either deploy a WAF (Web
application firewall) or conduct regular source-code reviews, Abernethy said.
The network intrusion-prevention
system appliance, or NIPS, is a "next-generation" gateway that is deployed inlineto identify, classify and stop known
and unknown malicious traffic and network threats using behavioral analysis,
according to Abernethy. Policy can be defined using specific VLAN segments and
IP address ranges.
The anti-DDoS system, ADS,
is intended for data centers, metropolitan-area networks, Internet service
providers, backbone networks and enterprises to defend against DDoS attacks,
Abernethy said. It detects the presence of a potential attack and blocks malicious
traffic without impacting the flow of legitimate transactions, according to
The WebSafe Web
security service will be run entirely by partners, who will offer monitoring,
filtering and reporting on network threats using NSFocus appliances. None of
the customer data will be going to China and all the scanning will be done on
partner infrastructure in the U.S., according to Abernethy. The anti-threat
team in China will be analyzing threats and exploits and make that information
available for the partners and to help with the reporting, but all scanning
will remain within the partner networks.
"The growing number of
threats makes it more imperative than ever for companies to actively defend
their networks," said Ip.
All three appliances have
been available to Asia-Pacific customers for quite some time and will be
available to North American customers immediately, according to Abernethy.
Pricing starts at $12,000 for NIPS, $17,000 for WAF and $25,000 for ADS. NSFocus
is still finalizing the details for partners who have the appropriate
infrastructure and tools to provide the WebSafe service.
"NSFocus is well-established
in its home region and has proven its ability to help large companies secure
their networks," said Robert Ayoub, global program manager of the network
security group at research firm Frost & Sullivan. "In entering the
North American market, its challenge will be to translate the credibility it
has built abroad into trust among customers here.
The company will be working
with channel partners to tap into the small and midsize enterprise market and
hosted service providers such as ISPs, managed security services providers and
telecommunications companies, according to Ip.