Comparing Narus' Dr. Antonio Nucci to your average CTO is like comparing Tiger Woods to your average duffer.
Over his career, Nucci has published more than 30 papers, applied for 22 patents in optical and IP networking technology, and written the definitive textbook on managing large IP networks. He's also turned the Internet security racket inside out, thanks to his information entropy anomaly detection engine.
Nucci's entropy algorithms form the heart of NarusInsight Secure Suite (NSS), which protects the infrastructure of tier-one carriers such as AT&T, T-Mobile, and Korean Telecom.
Instead of identifying a worm or DoS attack by virus signatures or sudden spikes in traffic, NSS searches for the hidden patterns of worms, spam, DoS and other malicious traffic, then blocks them before they achieve their deadly goals. Because NSS resides at the core of a telecom network, it sees all traffic flowing across the backbone, monitoring billions of bits per second in real time. Narus claims a 97 percent success in identifying even small-scale attacks, with a false positive rate of less than 2 percent.
Carriers can also use Nucci's algorithms to identify legitimate packets, from Web traffic to VoIP to file downloads – what he calls “classification in the dark.” This lets telecom companies ensure quality of service for the applications that need it, block unauthorized traffic, and bill customers according to the IP services they've used.
Next year, Narus will introduce a version of NSS that learns as it goes, automatically classifying new attacks as it encounters them. “It will learn the way a kid does,” says Nucci.
To ensure that Narus maintains this level of innovation, Nucci initiated the Narus Research Fellows Program, which offers funding for 35 researchers at 15 major universities to tackle thorny problems involving security over IP.
“It's really fun watching these researchers working in teams, figuring out new solutions,” he says. “What will 'security' mean in 2010? We have to start anticipating how hackers will challenge us in the future. It's like a chess game. In three years, what will the rules of the new game be?”
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive InfoWorld Resource Alerts
Recommend This
