Top Layer’s Intrusion Protection Protects Enterprises from Emerging Cyberthreats

New TopInspect file-validation technology adds protection against spyware, P2P applications, viruses, and file-based remote exploits

• By James E. Powell
• 04/17/2007

Top Layer Networks is now shipping a new version of its flagship IPS 5500 intrusion prevention solution, the E-Series. In addition, its new IPS Controller management software can configure and manage multiple IPS 5500 units throughout the network in real time.

The ongoing discovery of vulnerabilities in software exposes servers and client workstations to spyware, viruses, and other security risks. In 2006 and 2007, Top Layer Networks says, the prevalence of vulnerabilities in file-handling software, such as various components of Microsoft operating platforms, is increasing.

The IPS 5500 E-Series uses TopInspect Deep Packet Inspection to analyze network traffic as two distinct parts: Protocol Validation Modules (PVM’s) inspect the network protocols that are used to initiate communication and carry payload data from one computer to another; Data Validation Modules (DVM’s) inspect the actual files that are carried as payloads by the network protocols.

Rather than use regular expressions or compound signatures when checking network traffic, the IPS 5500 E-Series uses file-format awareness to identify the contents and applies a data validation module created for that file format. The company says this results in fewer “’signature’ updates, better coverage of multi-vector vulnerabilities, and fewer-false positive indications.”

“Compromised computers are the vehicle by which a significant portion of 2007 cyber attacks are delivered,” said Peter Rendall, president and CEO of Top Layer Networks. “It is crucial that enterprise organizations protect their computing infrastructure from the threats which can lead to compromised systems, including remote exploits, Spyware, P2P applications, and other malware.”

The IPS 5500 E-Series leverages the company’s Three Dimensional Protection (3DP) that offers server and client desktop protection. Other new features in the product include: %%Protection against file-based remote exploits and therefore less reliance on patching for protection

• Improved protection against spyware and viruses by using a new IPS protection processor that employs TopInspect file validation, plus antispyware and antivirus protection

• A P2P PVM that allows for the creation and management of policies to control popular P2P applications, including file-sharing applications such as BitTorrent and Gnutella.

• VoIP security guards against vulnerabilities within Session Initiation Protocol (SIP) implementations via a SIP PVM The IPS 5500 family of intrusion prevention products is optimized for medium to large enterprises, service providers and governments. Top Layer’s centralized IPS management solution comprises management software and the TopResponse™ Advisory and Update service. It can provide security administrators with real-time aggregated information to enable real-time response.

More information is available at http://www.toplayer.com