Esphion   Solutions & Products News & Events Customers Partners Company Resources
News & Events
Articles & Reviews | Press Releases | White Papers | Events & Webcasts | Thinking

Press Releases

October 15, 2001

Anti-Hacker Technology Race Heats Up

Albany, New Zealand. An Auckland start-up company is racing against time to counter hackers and cyber-terrorists.

Esphion’s netDeFlect is headed for beta testing later this month and New Zealand businesses could be amongst the first to test this latest innovation in data security. The Foundation for Research, Science and Technology assisted with a $100,000 grant through its Grants for Private Sector Research and Development scheme (GPSRD).

According to Johnny Cates, Chief Executive Officer of Esphion, if the development and testing sequence moves fast enough, netDeFlect, with some unique features, will be one of the first products of this kind on the world market.

“We know we’re racing against other developers, but we’ve got some interesting solutions that will make us stand out from the others,” he says.

Esphion’s chief technology officer, Juergen Brendel claims the hardware and software package will act as a defence against hackers’ ability to target massive amounts of malicious traffic at their victims, usually originating from large numbers of unwitting, compromised machines, so called Zombies, which the attacker has brought under control.

“These kinds of attacks are also known as distributed denial of service (DDoS) attacks, and operators of attacked networks and web sites usually do not have any viable defence against them. The massive flood of network traffic eventually consumes all available resources of a network, consuming bandwidth, or even crashing routers, so that legitimate users cannot reach the network installation anymore,” he says.

Mr Brendel says Esphion’s netDeFlect has the ability to reliably distinguish between attack traffic and legitimate traffic. “It can either alert operators at the onset of the attack, which gives a crucial early warning, or filter out the attack packets, just letting legitimate traffic pass through. If installed on large enough network pipes, a DDoS can be completely filtered out, without any negative effect on normal site operations,” he says

He says it is ideally suited for installation by ISPs and other network providers, who want to prevent any attacks from originating from their networks. It is aimed at large businesses and organisations, including government and defence sites and Mr Brendel predicts its capabilities could make it a world leading technology, with the potential to put New Zealand on the map as a centre of excellence in data security.

Esphion is based at Massey University’s e-Centre, a hi-tech incubator on Auckland’s North Shore. The company is less than a year old, and the $100,000 GPSRD grant has helped fast-track the R&D.

John Gibson, GPSRD investment manager, says there’s a nice synergy in allocating funding for data security R&D via FRST’s first internet- exclusive funding arm.

 

The solution
The web hosting company installed netDeFlect, Esphion’s patented network security solution. A single, standalone netDeFlect agent was deployed, connecting to the company’s two data centres to provide the new layer of DDoS protection.
To provide early warning of any build-up in traffic, the agent’s sensor is connected to a series of Layer 3 switches located upstream of the company’s border routers, as close to the boundary with its ISP as possible.

At the first detection of a possible DDoS attack, netDeFlect produces a fine-grained attack signature which is applied in the form of an access control list (ACL) to the Layer 3 switches. This is then used to block all traffic originating from the source of the DDoS attack (regardless of whether the addresses are spoofed) before it reaches any critical network infrastructure.

The immediacy offered by netDeFlect has helped to dramatically reduce the average resolution time for a network attack to just five minutes. Perhaps more importantly, by adding this proactive layer of defense the web hosting company has been able to improve service and ensure a greater ability to maintain service levels for its customers, regardless of network anomalies.

Esphion is there to detect anomalous behavior in your unique network environment - we don't care whether it is an attack that has a name and a signature or not - if it is determined to have the potential to disrupt your network we will provide you a solution to block it before it does. Think of us as a highly intelligent virtual network and security engineer watching network links 24x7x365.
Mark Edwards, CEO, Esphion

 
© 2007 Esphion Ltd. All rights reserved. | Legal Notice | Privacy & Security | Contact Us