In 2003, 2 engineers – 1 from Cisco and 1 from Juniper, came together to form Nevis Networks. They realized that the enterprise perimeter was fast disappearing because of an increasingly mobile work-force and a growing number of non-employees on local area networks (LANs). They correctly predicted that the patch-work solutions offered by the incumbent security vendors to address this issue was not a cost-effective and scalable approach to comprehensively secure the enterprise networks.
Realizing that the LAN was fast becoming the “weak link in the chain”, they decided to attack the dichotomy of security (slow and deep packet inspection) and networking (fast with brief header inspection only) by resolving the issues that prevent deep security inspection at LAN speeds.
Applying their deep expertise in LAN switching/routing and high performance ASIC architectures they went on to define a new security architecture that would fundamentally integrate stateful security into the fabric of the enterprise LAN. Nevis spent 3 years creating the highest performance LAN security products in the marketplace. Nevis’ LANenforcer™ products are designed ‘from the ground up’ to address the complex and varied needs of security within LANs.
In order to deal with the multi-gigabit speeds found in LANs today, Nevis built its own programmable ASIC (Application Specific Integrated Circuit), called SuperNova™. SuperNova™ is a highly flexible, multi-core ASIC which operates at over 12 BIPS (Billion Instructions per Second). SuperNova™ is the highest performance secure switching ASIC in the marketplace and has patented accelerators for security functionality such as IPS, Anomaly Detection, identity-based Firewall and Application Recognition/Visualization.
In April 2006, Nevis built the world’s first secure switch, the LANenforcer 1048 (LE 1048) using SuperNova. The LE 1048 provides 48 ports of 10/100/1000 Mbps ports and 10Gbps of security.
In September 2006, Nevis brought to market the LANenforcer 2024 (LE2024). The LE 2024 is a 10Gbps transparent security appliance that seamlessly integrates into the switching infrastructure, and provides 12 port pairs (often called a ‘bump in the wire’) of connectivity for up to 1,000 users per device. The LE 2024 provides complete LAN security to all users whether they reside on the LAN, in remote/branch offices or mobile users connecting through VPN connections.
Nevis’s Identity-driven LAN Security is designed to provide complete protection for enterprise networks and the users on the network. The 1st step towards comprehensive LAN security is the verification of the user endpoint for compliance. Nevis checks the endpoint to ensure anti-virus and windows patches are up to date. Nevis then participates in the user’s authentication & authorization to the network (such as Active Directory) and then maintains a mapping of MAC address, IP address and user credentials. This is used by Nevis to enforce network access control to enterprise applications based on the policies assigned to the user within the policy infrastructure.
Nevis also continuously checks for malware in all traffic flows to and from the end user using our signature-based Intrusion Prevention System (IPS) and Anomaly Detection capabilities.
Finally Nevis’ LANsight™ management platform includes an Event Correlation System (ECS) which tracks all events within the network and stores these based on the user’s ID. LANsight™ provides a complete real-time and historical audit trail of security events to meet compliance and governance requirements.
In summary, Nevis has built a series of high performance, low cost security products that extend similar levels of protection found in the perimeter to all users on enterprise LANs. These solutions allow enterprises to share network access to managed (employees) & unmanaged users (guests, contractors & customers) whilst providing the necessary control required by compliance and regulatory bodies. Nevis expects enterprise networks to become even more mission critical going forward. However the increasing number of LAN applications and the vulnerabilities in these applications coupled with the mobile & diverse work force will continue to make the LAN more vulnerable to attacks. Nevis will continue to take on this challenge by providing highly scalable and cost-effective solutions that are seamlessly integrated into the policy infrastructure of the network.