Force10 release 10GE IDS/IPS

Force10 is getting into a new territory by the release of its P-series 10GE/GE IDS/IDP yesterday. Basically speaking, it's the first 10G IDS/IDP products in the market. Force10 P-series products includes P-10, which has two 10GE ports, and P-1, which has two 1GE ports. They can work like with SPAN from switches lieke IDS's , and in-line like IPS's. Force10 will compete against Juniper, Cisco, Fortinet, 3Com and other high-end IDS/IPS/UTM vendors.

It's a bit astonishing that 2×10GE port P-10 is condensed into a 1U rack mountable box. Based on its patented DPI (deep packet inspection) technology, P-series engines run at full line-rate for GbE or 10 GbE network links with full deep-packet inspection and stateful signatures/policies enabled.

While they're at it, Force10 officials are taking a swipe at the mainstream security market with the P-1, a similar two-port box for Gigabit Ethernet lines.

MetaNetworks was shipping its own products, but those are subsumed by the P-series, which Force10 believes is more suitable for volume shipments. Force10 officials have said they'll eventually turn MetaNetworks's FPGA-based technology into a series of blades.

Any lead Force10 has in 10-Gbit/s security might not last long. Fortinet Inc. admits it doesn't have a 10-Gbit/s intrusion detection and prevention box, but the company pledges it will "announce something, probably within the next couple of months," a spokeswoman says.

Both of the P-series systems are shipping in production, with the P-10 listed at $95,000 and the P-1 at $38,000.

Click here for the datasheet.

More on SOX – VoIP

Gary Audin wrote a good post on VoIP and SOX, very unique view point and insight. Gary reviewed the goal and criticized the maturity and operationality of SOX and even predicted the modification in the near future.

The SOX goal is to insure the reliability of publicly reported financial information. Corporate boards, enterprise executives and directors, attorneys, auditors, small business owners, rank and file employees and security analysts have expanded duties as well as penalties as result of the SOX act. The legislation was not thoroughly debated. The result is being questioned, delayed and will probably be modified. It is a moving target where auditors may develop new policies and requirements in the future. My initial comments on SOX will found in the previous Blog, “Putting up with SOX”.

Further, Gary discussed what IP telephony (IPT) / VoIP systems might bring to SOX compliance.

IP Telephony systems will have IP phones that may access the Internet and softphones that are compromised. These could be the man-in-the-middle for attacks or malicious behavior. The call server could be hijacked to create denial of service for the VoIP service. Trojan break-ins could access financial information from an IPT device. Even when there are security personnel and procedures in place, if they are handled poorly and the CEO and CFO falsely report that they are diligent in their control, penalties may occur.

….

Do not wait for the audit. The results can be costly. Be proactive as you move to VoIP/IPT.

IMHO, because SOX is a financial oriented act, so if VoIP/IPT is not your business, ie. revenue generator, you might not cover VoIP auditing in your SOX compliancy audit, because in general they are not used to process and control those financial numbers. However, it's different to those VoIP operators, where security control of VoIP billing directly impact the final financial results and morever the shareholders' benefit.