Miercom Testing Confirms That Reconnex iGuard 3300 Can Capture, Classify, And Analyze Content On Networks Running 1.3 GPBS In Real Time
Reconnex Appliance’s Ability to Evaluate, Index, and Store All Data Leaving an Organization Enables Identification of Insider Security Threats for the First Time
MOUNTAIN VIEW, Calif., Sept. 26, 2005—Reconnex, the expert in enterprise risk management systems, today confirmed through an independent performance analysis that its Reconnex iGuard 3300 content-monitoring security appliance performs content analysis at loads of up to 1.3 Gbps. This means one Reconnex iGuard appliance can monitor, index, and store all the content on a gigabit pipe in real-time. Miercom, an independent networking, security, and communications product testing organization, performed the testing and found that the iGuard 3300 could identify internal security threats by accurately classifying and analyzing a wide variety of protocols such as FTP, Webmail, SMTP, Instant Message (IM), and chats, as well as attachments such as Word, Excel, PDF files, and more.
As a result of its analysis, Miercom made the following key findings and conclusions:
- The Reconnex iGuard 3300 accurately captures, classifies, analyzes, and stores content on traffic loads of up to 1.3 Gbps in real time
- The iGuard’s powerful ability to classify content, combined with its strong pattern and regular-expression keyword search functionality, allows enterprises to identify internal security threats to regulatory compliance, competitive advantage, and corporate governance in real time
- The iGuard is port and file extension agnostic. The appliance detects and classifies document types by examining the internal structure and protocols of data objects; it does not rely on file extensions. Because the iGuard understands files based on intrinsic attributes, a malicious insider cannot attempt to avoid detection by renaming classified files or information
“We understand what it takes to deploy sophisticated internal security solutions to demanding Fortune 1000 and government organizations,” said Kevin Cheek, vice president of marketing at Reconnex. “The only way to accurately monitor, filter, and analyze massive volumes of data at network speeds is by building an appliance optimized for these tasks from the ground up. The Reconnex iGuard achieves outstanding performance with a single, easy-to-manage, plug-and-play box that provides a favorable total cost of ownership compared to software-based solutions. The testing by Miercom confirms the iGuard’s ability to monitor and analyze traffic in real time at gigabit speeds.”
Finding a Needle in a Haystack“With 1.3 Gbps of background traffic running over the test bed, we wanted to find out if the iGuard could capture email, IM and more to find the elusive needle in a haystack—credit card or social security numbers making their way outside of an organization,” said David Mier, senior engineer at Miercom. “The iGuard accurately flagged and classified traffic containing these numbers while continuing to search all meta-information such as source, destination, and time. The ability of the appliance to work in real time while handling heavy network traffic was very impressive.”
The Miercom analysis of the Reconnex iGuard 3300 employed a test bed that simulated a fully saturated full-duplex gigabit link—loaded with about 500 Mbps in one direction and 800 Mbps in the other—that is typical for high-bandwidth enterprise deployments at both the egress and interdepartmental nodes. Miercom then executed a variety of test cases, including protocol handling, content recognition, and searching capabilities. Connecting the test bed to the Internet allowed test clients to generate real traffic and enabled Miercom to verify that the iGuard 3300 correctly captured and classified Internet network traffic protocols such as Hotmail, AOL Webmail, IM, and Chat. Afterwards, tests of the iGuard 3300’s ability to conduct searches across the terabytes of stored, indexed data allowed Miercom to confirm the system’s ability to capture and classify each object type that crossed the link.
For more information about the results of the Reconnex iGuard 3300 testing, visit Reconnex on the web at http://www.reconnex.net/pdf/MIERCOMTEST.pdf
About iGuard 3300The iGuard captures and stores all content leaving the network, resolving confidentiality breaches associated with electronic risk policies or registered content in real-time. When sensitive information travels somewhere defined as "off limits," the iGuard identifies the breach and signals an alert at wire speed. By using Reconnex’s Document Biometrics™ technique, the iGuard can also recognize complete, partial, or "cut-and-pasted" content from any electronic communication. For example, the iGuard can detect if registered content is copied into the body of an e-mail, Webmail, IM, or other document or image file.
The iGuard is a passive, purpose-built hardware appliance that organizations can deploy off of a switch, router port, or network tap without affecting network performance or business workflow. The appliance is the only purpose-built solution capable of processing all content in real-time on a full-duplex gigabit network in one 3U appliance
About Reconnex
Reconnex is the leading provider of enterprise risk management (ERM) systems that reveal and address the insider threat to compliance risks, competitive risks, corporate governance risks and critical infrastructure risks. Reconnex enables Fortune 1000 companies, government organizations, and smaller healthcare and financial services companies to protect their brands, shareholder value and mission critical operations by revealing hidden risks in the first 48 hours of deployment. Without exception, every deployment has enabled these organizations to quickly remediate the risks that could have damaged or destroyed their organization.
Give us two days, you’ll know™. Call Reconnex today at 1-866-940-4590 or visit us on the web at www.reconnex.net.
