Brisbane web hosting company WebCentral says it could be up to a month before a network monitoring device from Esphion is in production.
The NetX device has to collect historical network traffic data for several weeks to enable it to begin performing its anomaly detection function.
WebCentral network operations manager Ashwin Sharma says the device -– consisting of a Hewlett-Packard rack-mounted server running Linux -– is being deployed to monitor the company’s IP network.
“We chose it because it’s not a flow-based tool,” Sharma says. That means it doesn’t impose a network overhead.
However, it also means it needs to establish a baseline of normal network behaviour before it is ready to start issuing alerts of exceptional traffic.
Sharma says the device will detect incidents like DDoS attacks and device misconfigurations, at a rate of about 1.4 million packets per second.
“If an engineer receives an alert it allows us to block an IP address or range of addresses.”
It will also play a role in warding off viruses, although not as a first line of defence, Sharma says.
“If there’s a sudden increase of traffic on a particular port, it will detect that.”
NetX has been under development in Auckland for several years, and works by not only looking for patterns in network packets, but also performing rules-based and statistics-based filtering.Esphion head head Greg Cross (pictured) says it can store 700GB of network data on which to base its analysis.
Neither Cross nor Sharma would comment on how much WebCentral is paying for the device, which has a list price of $US35,000.
“It’s the first step with the account,” says Cross, who describes WebCentral as a “signficant player” in the web hosting market.
Sharma, however, believes the one device will be sufficient for the company’s needs.
WebCentral hosts more than 60,000 sites and domains, the company says.