The company, which has done R&D for the National Science Foundation and the Department of Defense, recently released the MANAnet Reverse Firewall. The device does only a single job, but it’s an important one: It prevents distributed denial-of-service (DDOS) attacks from leaving a network once they enter, helping to stop such assaults from propagating across the Internet.
To thwart the attacks, the Reverse Firewall first limits bandwidth to requestors, preventing a DDOS attack from swamping a connection. It also queues up unexpected packets. DDOS packets generally don’t expect a reply from the servers they invade. In response, the Reverse Firewall serves two-way traffic at a much higher priority than one-way traffic. If it sees 30,000 requests to scan for ports at one time, it will make those requests wait in line while two-way traffic goes through. Meanwhile, it will report the fact that there are 30,000 barbarians at the gate to the network administrator.
Cs3 sells the Reverse Firewall for $4,000, though it is looking to license the technology to router and network security vendors for inclusion in their own products. For more information, visit www.cs3-inc.com.