Startup builds intrusion prevention system for home networks

Attacks against routers and IoT devices will generate consumer demand for intrusion prevention systems, the company believes

By Lucian Constantin, IDG News Service |  Networking

At a time of growing concern about the security of interconnected devices in homes, a startup aims to provide consumers with a type of network security system traditionally used by businesses.

At the DefCon 22 security conference in Las Vegas last week, San Jose-based Itus Networks unveiled an intrusion prevention system that it claims can protect the increasing number of network-connected consumer devices from outside attacks.

The firm's iGuardian product, which the company hopes will be mass produced starting in February, is a small device that can be installed in front of a router to analyze incoming and outgoing network traffic for signs of malicious activity.

Network-based intrusion prevention systems (IPS) are security appliances typically used on business networks. Depending on the brand, specifications and amount of traffic they can inspect in real-time, their price varies from a few hundred dollars to thousands of dollars, making most of them too expensive for home use.

With an estimated price for the iGuardian of $179, Itus Networks founders Jock Breitwieser and Daniel Ayoub, who previously worked at Dell SonicWALL, hope that their product will change that without sacrificing technical capabilities.

The prototype has a dual-core 600Mhz Cavium Econa CNS3420 processor based on the ARM11 architecture, 512MB RAM and 2 Gigabit Ethernet interfaces. The final product, however, is expected to use a dual-core 1GHz Cavium Octeon III 7020 processor on the MIPS64 architecture that's more powerful than those found in some network security appliances from Juniper Networks, Dell SonicWall and Netgear. It will also have 1Gb DDR3 RAM and 3 GbE interfaces.

The iGuardian runs a popular open-source IPS software package called Snort on top of OpenWRT, a community-built Linux distribution for embedded systems. The device will get automatic updates for Snort community-developed rule sets -- definitions that are used to detect known attack patterns inside network traffic -- but users will also be able to subscribe to commercial Snort rule sets if they want to.

Long term, the plan is for Itus Networks to also research new threats and develop its own Snort rule sets for customers, the founders said.

The device will not only be able to block attacks from the Internet, but also malicious traffic originating inside the network. For example, if malware running on a local computer tries to contact a known bad server, the device could block that communication using IP address or URL blacklists, they said.

Join us:






NetworkingWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

Ask a Question