Narus brings carrier security system to IBM blades

Narus Inc. is moving to help service providers scale up their network security, porting its NarusInsight Security Suite (NSS) to blade servers for the first time.

NarusInsight is designed to detect IP (Internet Protocol) attacks on carrier networks, such as DDOS (distributed denial of service) and worm attacks, and alert network administrators as well as third-party tools that can halt those attacks. As the size of IP networks and the level of traffic on them grows, Narus aims to help carriers keep tabs on the situation.

The Mountain View, California, company will unveil its latest software, NarusInsight Secure Suite 6, on Tuesday at the RSA Conference in San Francisco. With the latest version, it has ported both elements of the system -- data collection and logic servers -- to IBM Corp.'s BladeCenter platform. Carriers can fill a rack with 13 collection blades, each monitoring a network connection as large as 10G bps (bits per second), with one logic blade handling the collected data, said Steve Bannerman, vice president of marketing and product management at Narus. The carriers can also link multiple chassis together and the logic blades will work together as a unit, he said.

Previously, the NarusInsight collection servers were available only on Dell Inc. 1U rack-mounted servers. (The logic server can run on any Red Hat Inc. Linux hardware platform.) Blades tend to take up less space and consume less energy than rack-mounted servers, which can be critical issues in crowded service provider facilities.

Narus also put a new user interface in NSS 6 to help network managers more quickly interpret incoming data about the network. For example, it will be easier to distinguish the traffic spikes caused by DDOS attacks from those that happen because users are sharing a new music video, Bannerman said. The new version also has built-in software for interoperability with mitigation tools such as Cisco Systems Inc.'s Cisco Guard. Previously, making the third-party tools work with Narus' monitoring system was a separate task, he said.

AT&T Inc., Korea Telecom and Japan's KDDI Corp. are among Narus' customers. The company began selling NarusInsight about five years ago, Bannerman said. As carriers move from basic IP transport to providing their own services such as VOIP (voice over IP) and IPTV, they increasingly are the victims of attacks, he said. Meanwhile, enterprises are relying on carriers to keep their networks free of threats and the service providers are seeking added business by offering special security services, Bannerman added.

NarusInsight deployments may cost anywhere from US$1 million to $15 million depending on the size of the network and other factors, Bannerman said.