Appliance Monitors Network Traffic

The Array Security Reconnaissance analyzer lets network managers scan, analyze and record incoming and outgoing Web traffic.

Attempting to tackle growing corporate and national security concerns, Array Networks Inc. this week introduced a new network appliance for surveillance of Web traffic.

The Array SR (Security Reconnaissance) Secure Web Traffic Analyzer can scan, analyze and record incoming and outgoing Web traffic, including SSL-encrypted sessions, said officials at the Campbell, Calif., company. The Array SR is set to be available in the fourth quarter of this year.

The stand-alone network device selectively captures and analyzes network traffic. It watches thousands and thousands of traffic flows and records them based on set triggers, said Steve Shah, director of product management at Array. For example, a company could set a specific SMTP (Simple Mail Transfer Protocol) e-mail user as a trigger and watch the SMTP traffic in e-mails being sent by that user.

"Already companies see how to keep porn out of the office, and this is the next big step forward," Shah said. "Beyond the obvious filters, how do I look for questionable activities?"

In its initial version, Array SR will support HTTP, HTTPS, FTP and SMTP transmissions. In the first quarter of 2003, Array will add support for POP and IMAP traffic into the Array SR.

The device, operating at Gigabit wire speed, can capture Web traffic using methods such as static or dynamic IP, RADIUS (Remote Authentication Dial-In User Service), protocols, headers and content. Once recorded, the data is digitally signed and encrypted. The Array SR includes an integrated DVD writer so collected data can be exported for analysis elsewhere.

Array is targeting the new device at both large enterprises wanting to prevent the sharing of confidential information or network abuse as well as government agencies needing to bolster homeland security while meeting the terms of electronic surveillance laws.

Final pricing for the Array SR has not been set, but Shah said it should range between $80,000 and $100,000. The product is in the tail end of development, and he expects much fine-tuning, particularly to satisfy compliance with privacy laws, as customer begin testing the product.

Along with the Array SR, Array also introduced a sibling to its Array SP (Security Proxy) SSL virtual private network device that became available in July. The latest offering, the Array SP-C (Secure Proxy Compact), will offer most of the features of the Array SP but is targeted to smaller companies and office. It allows businesses to secure Web services and applications with encryption, authentication, authorization and accounting capabilities.

The Array SP-C will support as many as 100 concurrent users, while the Array SP supports up to 10,000 concurrent users, Shah said. The Array SP-C will be available Aug. 15. Pricing ranges from $15,000 for five concurrent users to $25,000 for 100 concurrent users, Shah said.