Company News: Page (1) of 1 - 01/28/08 Email this story to a friend. email article Print this page (Article printing at MyDmn.com).print page facebook

ConSentry Delivers Integrated User and Application Control to LAN Access Edge with Intelligent Switching Architecture

(January 28, 2008)
DMN Newswire--2008-1-28--Bringing disruptive innovation to the LAN access edge, ConSentry® Networks today introduced its Intelligent Switching architecture, a breakthrough in user and application control implemented through a new release of the field-proven ConSentry LANShield Switch.  Deployed in the wiring closet for the tightest control, Intelligent Switching integrates user, role, and application knowledge with a programmable, wire-speed switching platform to allow IT to bring business context into the LAN, dramatically simplify deployment and operations, and keep pace with evolving business requirements.

The following new LANShield Switch features provide support for Intelligent Switching in the LAN:

§  Application-based quality of service (QoS) at Layer 7

§  Increased control of Web-based applications and instant messaging (IM)


§  Complete LAN visibility by user, role, server, and file

§  Automatic device and role discovery, drawing from existing identity stores

§  New security and policy features to protect against MAC spoofing and avoid static IP address mapping of web destinations

ConSentry customer Adaptec (NASDAQ:ADPT) has standardised on ConSentrys Intelligent Switching to replace existing Cisco access switches across its global operations.  ?The value of having this degree of user and application intelligence integrated into our wiring closet switch is key, said Lou Owayni, global network and telecom manager at Adaptec.  ?With LANShield, when new users are placed in Active Directory, I can safely and automatically add them to the LAN and implement access controls with a single touch. This simple deployment improves efficiency and reduces our TCO tremendously.  We also can automatically track where users go and what resources they need to perform their roles, which helps me better manage application performance and develop policies that map to real business practices.

Editors Note:  See the announcement ?Adaptec Selects ConSentry LAN Access Switch as ?Best in Class for Network Upgrade and Future Growth, also released today, for more details of the Adaptec deployment.

Legacy LAN Architectures Cannot Support Intelligent Switching

Todays IT organisations are being asked to simultaneously support a more dynamic, collaborative, and diverse workforce; rapidly roll out new LAN services such as VoIP and wireless; and optimise application performance to ensure high user productivity, all while protecting corporate assets and logging user activity in detail.

The legacy access-switch architecture complicates these tasks because it operates on IP addresses and Layer 3/Layer 4 ports and has no inherent understanding of users, user roles, devices, applications, or the interplay of these factors.  IT must create and maintain complex VLANs and ACLs and/or deploy third-party applications and devices to implement even the most basic user and application control. To align LAN operations with business needs requires smarter networks that have the processing performance and native understanding of users and applications to deliver complete control, right in the wiring closet.
 
   Legacy Architecture     Intelligent Architecture
 
Performance  Wire speed  Wire speed
 
Latency   Microseconds   Microseconds
 
Hardware   Fixed   Programmable
 
Processing   Packet-based   Flow-based
 
User context   IP address   Identity, device, role
 
Application detail  Limited to L4   Rich L7+ detail
 
Access policies   Complex VLANs/ACLs  Dynamic by user/role/app
 
Security    Overlay, external apps  Embedded
 
Audit/Troubleshoot  Sampled L4 data  Full user/app/resource data
 
ConSentrys LANShield Switches incorporate an Intelligent Switching architecture that combines a multi-threaded, multi-core, custom packet processor with enterprise-class merchant switch silicon and a mature software suite to provide detailed Layer 7 visibility and dynamic control of users and applications across the LAN.

The research firm Gartner has defined the five dimensions of network design as access/location, user, application, device, and activity. ?Network architects must understand these dimensions to effectively build a next-generation network, said Mark Fabbi, vice president, distinguished analyst, Gartner. ?Beyond designing around these elements, IT needs a way to implement controls based on them, and enabling these dimensions in a switch allows that control to be pervasive. Given the changing nature of traffic patterns in todays LANs, with less traffic following a hub-and-spoke design and an increase in peer-to-peer applications, that control is best implemented at the user edge.

Intelligent Switching Addresses Todays LAN Requirements, Fulfills ConSentry Founding Vision

ConSentry was founded to deliver the next generation of switching platforms, and the company has spent the last two years tuning its systems to support the most demanding LAN applications, such as wire-speed access security.  Now the company has extended its support to the full range of user and application control in a high-performance, intelligent switch that leapfrogs legacy architectures.

The ConSentry LANShield Switch authenticates users and devices against standard identity stores and automatically learns their roles. Then for each traffic flow, it identifies the application in use, applies policies based on role, and fully tracks all activities. Rolling out new services and supporting shifting workforces becomes much simpler because the need to manually separate traffic onto different VLANs, implement and update ACLs, and configure QoS policies is eliminated. 

Incident response and troubleshooting is also faster and easier.  Instead of combing through logs of IP addresses and Layer 4 ports, IT gets a complete and consolidated dashboard view of who is doing what on the LAN, with username, role, application, and server all tied together.  This tight integration enables granular control, down to file-based views of individual and global application use.

?Our vision for ConSentry has always been to build a network that automatically and transparently provides user and application control, said Jeff Prince, founder and CTO of ConSentry.  ?The legacy switch architecture supports connectivity, but with limited intelligence or control, so we knew there was a huge opportunity in building a switch that could natively support todays much more demanding global business environment without increasing complexity, as so many other technologies have.  To deliver the ?smarts of Intelligent Switching requires new, multi-threaded processing hardware and new parallel-processing software.  Standard CPUs and switching software can never support the packet processing and correlation requirements of Intelligent Switching.

ConSentry has been awarded five patents for its LANShield processor related to wire-speed packet handling.

Pricing and Availability

ConSentry LANShield Switches with Intelligent Switching are available today at a base price of $7,995 and the latest version of the LANShield OS is available as a free upgrade to ConSentry switch customers with a current support contract.

 


Page: 1


Related Keywords:consentry, lanshield

HOT THREADS on DMN Forums
Content-type: text/html  Rss  Add to Google Reader or
Homepage    Add to My AOL  Add to Excite MIX  Subscribe in
NewsGator Online 
Real-Time - what users are saying - Right Now!

Our Privacy Policy --- @ Copyright, 2015 Digital Media Online, All Rights Reserved