Guardent Inc. on Wednesday will unveil its new Security Defense Appliance, a Linux-based box that combines firewall, IDS and vulnerability scanning capabilities.
The appliance is the centerpiece of a new service from the managed-security services company that will integrate security technologies with Guardents ability to correlate event data.
Installed at client sites, the SDA is connected to Guardents secure NOC via a single persistent IPSec tunnel. Data from all of the on-board security devices is passed through this one connection, creating a single footprint that prevents an attacker from deducing which or how many security devices are in use.
The devices are monitored round the clock by Guardent and the companys analysis software correlates IDS event data in the context of vulnerable platforms and scanning results to help eliminate false positives. Data from the SDAs is available to customers via a Web-based portal.
Guardent officials say that the SDA can also be used to segment protected networks, effectively sealing off each portion of a corporate network from every other portion. For example, the human resources department and the sales organization of a given company can each have an SDA at their respective perimeters. Thus, if the sales department is infected by a worm, the SDA can install a filter for the worm in real time, preventing it from spreading to any other departments.
The SDA also supports other vendors security technologies, including NetScreen and Check Point Technologies Inc. firewalls and Trend Micro Corps anti-virus software.
The SDA will be available in January and can be licensed for $1,500 per month.