Ixia Aims to Protect Enterprises by Reducing Attack Surfaces
The design of Ixia's new ThreatArmor security appliance is based on the premise that limiting the ways you can be attacked reduces risk.The Internet is a vast, largely open global network, but it doesn't always have to be that way, especially when it comes to security. Network security vendor Ixia today announced its ThreatArmor security appliance, which aims to protect organizations by limiting the attack surface. "For most organizations, there are big chunks of the Internet where they just don't do business," Scott Register, senior director of product management at Ixia, told eWEEK. "So for a health care company in California, there is a very small chance that a connection coming in from Burkina Faso is valid." The Ixia ThreatArmor appliance is a front line of defense for enterprises blocking inbound connections from places with known malware as well as those with which an organization doesn't do business. ThreatArmor also blocks outbound connections from internal hosts to bad sites, Register said. The ThreatArmor system is based on IP address and not any specific URL address filtering. Multiple types of technologies, including next-generation firewalls (NGFW), security proxies and application delivery controllers (ADC) all provide different types of filtering, though Register said that Ixia is taking a different approach. NGFWs and ADCs are generally focused on deep packet inspection, URL filtering, threat analysis and detection, he said.
"We do none of that; we only do IP-based blocking," Register said. "We are differentiated by doing very high-speed, IP-based blocking, which reduces load on those devices and the SIEMs [security information and event management] systems they feed into."