ConSentry Networks Delivers Breakthrough Secure LAN Controller® Product Family

Secure networking solution powered by breakthrough silicon architecture delivers total LAN control

Milpitas, CA – September 19, 2005 – ConSentry Networks, a leading provider of secure networking solutions for LANs, today announced its Secure LAN Controller product family. The company’s groundbreaking product line addresses pent up demand to tightly control user access to authorized resources and contain malware outbreaks within internal networks -- the target of increasingly severe security breaches -- in order to preserve data integrity, support critical regulatory compliance initiatives and maximize network availability.

ConSentry’s flagship CS-2400 and entry-level CS-1000 are the industry’s first systems to provide complete visibility into user activity and the ability to stop unauthorized access to data, and contain the spread and impact of Malware in real-time. This functionality is provided in a single, snap-in system that leverages existing network infrastructures and identity management systems.

With the introduction of the CS-Series products, ConSentry is shattering conventional price/performance barriers by securing every user for an average of only $30. ConSentry’s Secure LAN Controllers consolidate critical visibility and access enforcement functions that can easily displace disparate, costly and complex monitoring, control, and policy tools that enterprise customers are struggling to deploy and manage.

“The need to deploy an ‘inside-out’ defense strategy to protect our LANs from unauthorized network and user access has grown significantly,” said Andre Gould, vice president of Information Security with Continental Airlines. “ConSentry Networks is the only vendor we evaluated that has demonstrated the ability to inspect all traffic in real-time up to the application layer and associate that traffic with individual users. This is a distinct security advantage because we now have tremendous control, not only over who is allowed on the network, but what resources and applications specific users are authorized to access. And all of this can be done without having to deal with complex Access Control Lists (ACLs) or VLANs.”

Custom Silicon Powered Solution

ConSentry’s 10-port CS-1000 and 24-port CS-2400 systems are designed with the patent-pending LANShield™ Silicon Architecture featuring a programmable 128-multithreaded CPU and custom ASICs that provide the packet acceleration needed to fully visualize and control high-speed LAN-based communications. This level of processing power is essential since the ConSentry systems operate as inline devices, at wire speed with up to 10 Gbps throughput in high-speed LAN environments requiring very low latency. This throughput is up to ten times greater the performance of traditional security appliances. The LANShield architecture minimizes average latency to about 50 microseconds to ensure existing enterprise applications are not impacted as control is added to the LAN.

“A viable option for implementing a form of Network Access Control is to have an in-line device that piggybacks on a switch on your network,” explains John Pescatore, vice president and Distinguished Analyst with Gartner. “This approach has many advantages over pushing ACLs to routers or switches, or trying to do on-the-fly edge firewall reconfiguration."

Controlling What You See

ConSentry’s Secure LAN Controller automatically tracks the identity of a user once they are authenticated, thereby allowing network administrators to completely control access to LAN resources and applications on a user and group basis. This capability, which is unique to ConSentry’s Secure LAN Controllers, avoids the complexity of trying to control user access strictly on the basis of IP addresses. Once identified, a user’s activity is continuously tracked and can be used to trigger incident reports and cite violations that can be managed through the enforcement of granular access control policies. Network activity information can also be used to maintain reporting on a per user basis for regulatory compliance initiatives including Sarbanes-Oxley, HIPAA, and the PCI Data Security Standard. Unlike most traditional security devices that can only inspect and control traffic up to Layer 4, the Secure LAN Controller classifies and decodes traffic up to Layer 7 to enable robust application-based access enforcement.

Protecting the Network from Attacks To detect and contain known and unknown malware in milliseconds before a network-wide infection can cause major damage, the Secure LAN Controller leverages patent-pending detection algorithms that are based on Layer 7 application behavior characteristics rather than complex baselining or attack signatures. For example, ConSentry’s detection algorithms can recognize scanning worm characteristics such as high rate of connection attempts and can discriminate between normal user activity and worm activity by detecting connection failure rates. Because the Secure LAN Controllers operate inline, in close proximity to users, the systems can immediately block the spread of malware at the source.

Simple and Seamless to Deploy

The ConSentry CS-Series is deployed at the distribution layer and sits transparently behind the access/wire closet switches. Aggregating multiple switches, the systems leverage existing authentication services that include Active Directory, Kerberos, RADIUS and LDAP, as well as third-party host integrity software. As a result, enterprises can literally snap-in a ConSentry solution without any disruption to the existing network for simple and ubiquitous deployment.

ConSentry’s Insight Manager™ provides IT staff with a centralized, easy-to-use, and actionable control panel for a single view of all user activity and security incidents. This central management and reporting system integrates with network management systems via syslog and SNMP interfaces. Trend reports embedded with the Insight Manager or integrated into third-party tools include application access activity by user in support of regulatory compliance initiatives.


Pricing for the 10Gbps CS-2400 system, designed for high-density LAN environments, starts at $27,995. For low density environments, the entry level CS-1000 system is priced at $17,995 for a 2Gbps solution. Both products are available now.

About ConSentry Networks

ConSentry Networks secures enterprise LANs with a purpose-built system that protects enterprise LAN’s at disruptive price/performance levels. ConSentry’s solution leverages its breakthrough, patent-pending silicon architecture to continuously identify all LAN traffic and enforce user access to authorized resources and applications at wire-speed, in real-time. For more information, visit the company’s Web site at

ConSentry Networks, the ConSentry Networks logo, and LANShield are trademarks of ConSentry Networks Inc., for use in the United States and other countries. All other product and company names herein may be trademarks of their respective holders.

Must Read Articles