SCIENCE

Endace has announced the results of its performance in the unsponsored and independent NSS Labs Group Test of IDS/IPS products. The results emphatically validate Endace’s claim that the EndaceProbe Core100 (EP Core100) is world leading and capable of continuously capturing and analysing every packet at full 10 Gbps speeds, making it the natural choice for monitoring high-speed critical infrastructure environments.

The tests were conducted by NSS Labs, the leading independent security product testing organisation in the world. Vik Phatak, NSS Labs’ chief technology officer, said: “Even under the harshest conditions, at full 10-Gigabit capacity with 1.7KB HTTP response traffic, we could not force the EP Core100 to leak attacks. Further, the system correctly identified 100 percent of our evasion attempts without error. It is one of the few products on the market capable of servicing the high throughput demands of a true 10-Gigabit environment.”

In its new national security strategy, the U.K. government last week cited attacks on computer networks as being among the biggest emerging threats to the U.K. Foreign Secretary William Hague said that, unless addressed, this could threaten the U.K.'s "economic welfare." When national security is at stake and the impact of missing a single packet can be catastrophic, nothing less than guaranteed 100 percent packet capture can be accepted.

The Endace platform has been designed from the ground up for monitoring high-performance, mission critical infrastructure environments. “Our customers choose to work with us because they understand that highly accurate packet capture and time stamping underpins all aspects of network security, monitoring, latency measurement and compliance,” said Neil Livingston, chief product officer of Endace. “Having worked in critical infrastructure environments with government and high frequency traders for more than ten years, we understand that to deliver the best solutions you must first have the best platform.”

The exceptionally high performance of the EP Core100 is a direct result of Endace’s scalable system architecture, which is tightly coupled with Endace’s proprietary hardware-based DAG I/O technology. Efficient CPU utilisation enables organisations to run larger custom rule sets that deliver higher levels of attack detection and lower levels of false positives, without compromising packet capture accuracy. In situations where a system is being used to monitor operational networks that underpin critical infrastructure, it is vital to have the ability to run comprehensive rule sets that deliver the highest possible level of threat detection and accuracy, as opposed to using a resource constraint compromised rule set.