In the science fiction movie Minority Report, police see the future and arrest crooks before they have an opportunity to commit their crimes.
According to Ken Low, senior security manager of 3Com Asia-Pacific, this is how his company approaches cybercrime. He says, “Most security products currently on the market are designed to deal with attacks after the event — our goal is to stop attacks before they happen.”
3Com’s pre-emptive security strategy is built around IPS (intrusion prevention systems). It’s a technology the company picked up last year when it acquired Tipping Point, a network security specialist, for US$430 million.
Tipping Point’s IPS is an online appliance that inspects all data packets passing through a network to determine whether they are malicious or not. Low says the device can instruct the switch to block access and stop the bad packets from ever reaching their destination.
IPS technology has certainly struck a chord with users. According to a US survey conducted at SANS training conferences, only 3% of companies are looking at making new investments in firewalls, while 34% are planning to spend on network IPS.
Low says the IPS approach is taking off because of the ways computer security attacks are changing. This means tools like firewalls, antivirus and antispyware software are no longer enough. For a start, he says, today’s hackers are no long harmless teenagers breaking into systems for the sheer fun of it; increasingly they are professional criminals working for money. “Often an attack is a precursor to a bigger problem,” he says.
At the same time, today’s hackers have access to a huge range of programs and other resources — some of which Low describes as “power hacking tools” — that automate the cybercrime attacks. Another threat comes from devices like the Xbox and iPod which can sneak past traditional security cordons.
The latest implementation of Tipping Point’s IPS technology is in what Low describes as a chassis-based hardware system.
“It uses blade architecture and acts like a core switch. Tipping Point offers the fastest speeds in the world, the current model works at 5GB/s which is more than twice the speed of the nearest competitor. Our next model will be thirty times faster than the competition,” he says.