NSFocus Launches North American HQ with Security Appliances, Web Service

NSFocus introduced its Web application firewall, an intrusion-prevention system, system appliances designed to thwart distributed denial of service attacks and a Web security service as part of its North American launch.

Chinese security company NSFocus opened its North American headquarters in Santa Clara, Calif., and introduced its line of network-security appliances in the United States.

NSFocus offers cloud-based Web security services and three hardware appliances with a Web application firewall, network-intrusion detection and prevention, and anti-DDoS) anti-distributed-denial-of-service capabilities. The company made its formal launch announcement May 9 at Interop in Las Vegas.

NSFocus will be competing in an already-crowded security space with established companies such as Cisco Systems, Fortinet, HP/TippingPoint, IBM ISS, Juniper Networks, Intel's McAfee and SonicWALL. The company also has to contend with the "elephant in the room," namely, whether a Chinese company could be trusted to handle security in light of all the malicious Web activity that originates from that country, Frank Ip, vice-president of North American operations at NSFocus, told eWEEK.

"There's an impression of China being all about hackers and not really sympathetic to North American companies," Ip said. Hackers don't describe all Chinese companies, and especially not the team at NSFocus, who is "hard working" and emphasizes "due diligence" in everything, according to Ip. The company is privately owned and has no government involvement, so customers don't have to worry about the Chinese government getting involved with their security infrastructure.

The company has been around for a long time in the Asia Pacific and is "not new" just because the U.S. market doesn't know about it, said Ip. NSFocus has several U.S. partners who work overseas and those partners were the ones who requested the company set up a North American presence, according to Ip.

The first appliance that NSFocus is introducing to the market is a Web-application firewall. It sits inline in front of Web applications to prevent attacks and allows the IT security team to fine-tune filters and establish policy. It also provides an anti-defacement cache so that compromised sites can remain online while being remediated in the background.

The Web application firewall appliance has been available to Asia-Pacific customers and has been "flying off the shelves," Vann Abernethy, product manager in North America at NSFocus, told eWEEK.

It is a simple step to set policy and say "block future incidents like this" while the IT manager is fixing a problem or looking at an existing exploit, Abernethy said. The appliance also allows companies to meet compliance requirements, especially the one in PCI-DSS that states companies have to either deploy a WAF (Web application firewall) or conduct regular source-code reviews, Abernethy said.

The network intrusion-prevention system appliance, or NIPS, is a "next-generation" gateway that is deployed inline to identify, classify and stop known and unknown malicious traffic and network threats using behavioral analysis, according to Abernethy. Policy can be defined using specific VLAN segments and IP address ranges.

The anti-DDoS system, ADS, is intended for data centers, metropolitan-area networks, Internet service providers, backbone networks and enterprises to defend against DDoS attacks, Abernethy said. It detects the presence of a potential attack and blocks malicious traffic without impacting the flow of legitimate transactions, according to Abernethy.

 The WebSafe Web security service will be run entirely by partners, who will offer monitoring, filtering and reporting on network threats using NSFocus appliances. None of the customer data will be going to China and all the scanning will be done on partner infrastructure in the U.S., according to Abernethy. The anti-threat team in China will be analyzing threats and exploits and make that information available for the partners and to help with the reporting, but all scanning will remain within the partner networks.

"The growing number of threats makes it more imperative than ever for companies to actively defend their networks," said Ip.

All three appliances have been available to Asia-Pacific customers for quite some time and will be available to North American customers immediately, according to Abernethy. Pricing starts at $12,000 for NIPS, $17,000 for WAF and $25,000 for ADS.  NSFocus is still finalizing the details for partners who have the appropriate infrastructure and tools to provide the WebSafe service.

"NSFocus is well-established in its home region and has proven its ability to help large companies secure their networks," said Robert Ayoub, global program manager of the network security group at research firm Frost & Sullivan.  "In entering the North American market, its challenge will be to translate the credibility it has built abroad into trust among customers here. 

The company will be working with channel partners to tap into the small and midsize enterprise market and hosted service providers such as ISPs, managed security services providers and telecommunications companies, according to Ip.