A new startup hopes to squeeze into the crowded market for network discovery and mapping with a proprietary technology that overcomes limitations of existing techniques.
Insightix Ltd. last week launched its DID (Dynamic Infrastructure Discovery) technology, which officials claim can detect and identify the 10 to 40 percent of elements that other passive or dynamic discovery mechanisms fail to find. The unique technology does both active and passive real-time, dynamic network discovery without exacting significant overhead on the network or on devices. It does not use agents to gather data.
“Active network discovery suffers from an inability to completely and accurately detect all elements found on a network,” said Ofir Arkin, chief technology officer and co-founder of Insightix, in Raanana, Israel. “For example, active discovery tools can’t see behind firewalls. Passive discovery is installed at a choke point on the network and looks at network activity to draw conclusions about elements. But if the traffic doesn’t go through that choke point, the passive system won’t be aware of those elements.”
Insightix’s DID technology is a proprietary, passive operating system fingerprint tool that can “look inside a communication, and with very few packets it can identify granular information about components on a network,” said Arkin.
DID gathers information about what devices are communicating with one another and what applications and protocols are running. The system can also detect inactive or deliberately concealed devices; the location of each PC, server or switch; and dynamic network changes that can indicate the addition of unauthorized PCs or rogue access points.
One beta tester working with the DID system found it to be more scalable than scanning-based discovery systems. “Once you get to 100 servers to actively scan, it’s not real-time anymore. We wanted to know in real time what’s on our network,” said Brad Martin, senior security analyst at Chick-fil-A Inc., in Atlanta.
The product comprises collector and manager software components. Collectors are distributed on x86-based PCs on the network, typically between the network’s access and distribution layers. The manager runs on a hardened Linux system. The product is due this month and is priced starting at $4,000 for 100 devices.