ConSentry Locks Down LANs
Launches its first products, offering perimeter-style security on the LAN
September 20, 2005
Security startup ConSentry Networks Inc. is taking aim at local-area network (LAN) security with its first products and customers, announced today (see ConSentry Targets LAN ).
ConSentry, which recently clinched $17 million in Series C funding and lured a number of executives from Juniper Networks Inc. (Nasdaq: JNPR), Cisco Systems Inc. (Nasdaq: CSCO), and Extreme Networks Inc. (Nasdaq: EXTR), took the wraps off its CS-2400 and CS-1000 devices, which it claims offer perimeter-style security within the LAN.
Both products are 1U high and support, respectively, up to 1,000 and 200 users, according to ConSentry. Firms deploy the products in front of their switches to control access by internal users. The goal is to limit the spread of virus and worm attacks within the network.
ConSentry, which has developed its own ASICs for the devices, claims its gear is an alternative to costly and complex LAN security deployments involving a range of different products.
Continental Airlines Inc., for example, is already testing two CS-2400 devices in production mode. There’s not necessarily a competing technology out there,” says Andre Gold, the airline’s director of information security. “Up until this point there weren’t any cost effective solutions.”Gold says the only other options for securing his internal network rely on combinations of different technologies, such as intrusion prevention systems, firewalls, and denial-of-service technologies. “All of these have too many moving parts, they are way too cumbersome, and they mean capital expenditure upgrades to my infrastructure,” he adds.
These sentiments are echoed by Steve Olson, infrastructure manager of the Las Vegas Review Journal, which has deployed one of the ConSentry devices. “So far, so good, it’s actually a pretty slick box,” he says.
For Olson, one of the major benefits of the technology is the fact that it automatically manages security policies for different sets of users. “When you have two departments that have night and day needs, it’s very difficult to find a product that can set different sets of security rules,” he says. Olson uses the example of enabling journalists to visit certain Websites for their research, which would be off-limits to other users.
Like Gold, Olson says the only other way to solve this problem involves buying different devices for each group of users. “If you start putting an intrusion detection and prevention system on every subnetwork you end up spending more.”
ConSentry is not the only vendor working on the LAN security dilemma. Fellow startup Nevis Networks Inc., for example, is also building its own LAN device, also with custom silicon. Bill Scull, senior vice president of marketing at Nevis, told NDCF that the device will be launched later this year, although he refused to reveal any specifics. "It will be in customers' hands very shortly," he adds (see Secret Security Startups Score Cash)Another vendor also targeting the LAN is Juniper, which is building a controller device as part of its Enterprise Infranet initiative. The controller, which is yet to be launched, will enforce centrally managed security policies, such as preventing non-compliant PCs from connecting to the network (see Juniper Infranets the Enterprise and Juniper Ups Its VPN Ante).
For ConSentry, long-term success rests on the startup’s ability to lure users over to its platform. ConSentry’s vice president of marketing, Faizel Lakhani, tells NDCF that the company is already getting some traction. “We have a rich pipeline,” he says. “We’re currently working with 120 different customers.” ConSentry will be announcing some new customers in the next few months, he adds.
ConSentry is also looking to expand its 60-strong workforce. “We’re hiring,” says Lakhani. “We’re continuing to grow as the business needs it.”
— James Rogers, Site Editor, Next-Gen Data Center Forum
You May Also Like