NetContinuum unveils all-in-one Web gateway

NetContinuum Inc., a new security company that debuted last week, unveiled a network appliance that could represent the wave of the future in Web security.

The Santa Clara, Calif.-based company introduced the NC-1000 Web Security Gateway that combines several key security functions into a single box that can perform tasks at wire speed.

Web traffic is becoming increasingly sophisticated and the corporate firewall — the first line of defense for networks — cannot inspect all the traffic that flows through its gates. Firewalls and network intrusion-detection systems are designed to protect against network-based attacks but aren't equipped to prevent attacks coming through Web browsers.

To solve that problem, the NC-1000 can be deployed behind the firewall to inspect all Web traffic coming through Internet server port 80 — the port that experiences the majority of cyberattacks. The security gateway can either block the traffic or send it to back-end Web applications, said Wes Wasson, NetContinuum's vice president of marketing.

The NC-1000 gateway represents the next evolution in security appliances by combining several features, said Peter Lindstrom, research director at Spire Security, a consulting firm based in Malvern, Pa. The product combines the power of a Secure Sockets Layer (SSL) encryption accelerator and Web application firewall with some Web access control, he said.

NetContinuum manages Web traffic as well, he said. "They do this all on a [micro] chip in a box positioned on the network perimeter, so Web applications are protected. It's fascinating," Lindstrom said.

Using the NC-1000, an information technology administrator can encrypt entire Web sites using SSL without requiring changes to back-end applications or servers. SSL encryption normally slows down Web servers, so IT managers usually offload encrypted traffic to hardware accelerators to speed up server performance. The NC-1000 can terminate incoming TCP sessions, and it automatically encrypts and decrypts URLs, handling 1 million simultaneous TCP sessions and 6,000 SSL transactions per second, Wasson said.

The gateway also provides "Web site cloaking" capabilities that make Web applications and servers invisible to hackers. Additionally, the NC-1000 can block network layer attacks, such as denial-of-service attacks and SYN floods, and stop application layer attacks, such as cookie poisoning and URL manipulation.

The heightened concern for security among federal agencies has helped NetContinuum make some inroads into the public sector.

The Navy Federal Credit Union is beta testing the gateway on its online payroll Web site, Wasson said. Encrypted traffic can bring the site to a crawl as the credit union serves its 2 million users during pay periods. Using the NC-1000 has given the site five times the performance it had before, Wasson said. The Interior Department will be the first federal agency to purchase the gateway, he added.

The NC-1000 comes in two versions. The NC-1000-C 10/100 costs $28,000, and a gigabit NC-1000G costs $38,000.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.