Excellence in Enterprise Network Security Solution for Inside the Network Perimeter
Product: Version 2.0
Family: EpiForce Network Security Software
Product Description: EpiForce provides a transparent security layer that secures data-in-motion and protects data at rest within the network perimeter. By protecting sensitive data as it is carried across your network, it is possible to lower the risk of an insider attack. EpiForce acts as a regulatory compliance security management system that automatically implements and enforces network security relationships and the host-based access control necessary to ensure the security of sensitive data assets. An audit trail is established demonstrating the implementation of security policy relationships, including what they are, when they were established, if they were modified and a guarantee they have been enforced. EpiForce logically divides your network into virtual segments, or security zones, to automatically configure and enforce your unique security relationships between each network device from a central management console, simplifying administration and reducing management costs.
Performance Testing:
Apani contracted Patni Computer Systems Inc. to observe and report scalability tests for the EpiForce 2.0 security system. The purpose of conducting these tests was to validate the performance of the EpiForce system in a large-scale environment. The tests were conducted at the Apani Scalability test lab at Brea in the presence of a representative from Patni Computer Systems Inc.
The goal of the testing was to measure the system responsiveness and performance during a series of configuration changes on the networked test environment. Testing was accomplished by using a test bed that was comprised of the following components:
• 100,000 Agents (using a mix of real and simulated INS agents)
• 10 Admin Servers
• 2 Database Servers
• 2 Materialized View Database servers
• 20 Admin Consoles
• Solaris: Performance monitor
• Windows: Performance Monitor
• Dell Power Connect 5234: Network bandwidth monitor
The purpose of the study was to validate the product’s ability to scale and to verify the effectiveness within a 100,000 Agent test environment. The test setup of EpiForce passed all of the tests.
The key findings of the testing exercise are:
• All test case exit criteria were successfully met
• CPU utilization never exceeded 75% during any of the 15 scalability tests
• Memory utilization never exceeded 400MB of the committed RAM during any of the 15 scalability tests
• No abnormality in the network bandwidth utilization during any of the 15 scalability tests
Note that EpiForce version 2.2 is scheduled for release in July 2006, at the time of this product guide’s release. Improved performance will include enhanced scalability, supporting up to 200,000 agents, 20 Admin Servers and up to 4,000,000 different security policies. The above performance specs were tested and confirmed by Patni.
Interfaces: EpiForce is architected to deliver enterprise class performance featuring multi-threaded architecture, fault tolerance, massive scalability and plug-in interface architecture to enable the integration of new value-added components as well as compatibility with legacy systems. Apani Networks’ EpiForce secures data-in-motion within the network perimeter, protects data at rest via machine-level access control and virtual network segmentation, and is easily deployed and administered throughout large networks across multiple platforms. More importantly, by functioning at the network layer, this security technology enables a ubiquitous deployment of security policies throughout the enterprise without the displacement of existing networking equipment.
Apani’s EpiForce was engineered to complement existing perimeter-based security defenses to deliver a robust, comprehensive and centralized network security management solution that addresses the IT security requirements necessary for regulatory compliance.
Administration Server
The Administration Server acts as the liaison between the Universal Agents and the database, confirming security policies, and as a full certificate authority: issuing, revoking and expiring certificates. It may reside on a dedicated machine or with other components or other processes. Multiple servers may be utilized to support the scalability necessary for large-scale deployments.
Administrator Console
The Administrator Console offers an enterprise-wide view of the entire EpiForce system, managing the security relationships between each Universal Agent and its assigned network device. The Admin Console creates and edits security policies for each Agent or groups of Agents, provides certificates for host authentication and maintains these relationships within a database store. Managed attributes include encryption levels, data integrity protection, data compression and anti-replay protection. The Administrator Console interoperates with popular databases and has a fail-over capability.
Universal Agent
EpiForce’s software Agents are universal, OS-agnostic and enforce network layer protection right at the point of packet creation. This ensures security rules will be executed according to the administrator-defined security policy. For legacy computers or other IP devices (printer, fax, etc.), the universal hardware Agent may be deployed as a “bump-in-the-wire”, or stand-alone appliance, maintaining the same level of protection as the software agent.
Database Store
May be deployed on Oracle or MySQL platforms; multiple data store backups may be incorporated for load-sharing or fail-over capability.
Key Features & Benefits:
Comprehensive Security Design – Capability to selectively encrypt network traffic, by application, traveling to and from networked devices to address IT security components of regulatory compliance. Automatically audits and enforces network security relationships providing dynamic access control to protect and secure data-in-motion.
Global Enterprise Scalability - Tiered administrative design is flexible and scalable, supporting multiple security zones, managed centrally or locally. The modular system architecture enables multiple and phased deployment schemes for consoles, administrative servers and agents to meet the stringent and unique needs of global enterprises or large government installations.
Ease of Implementation - Universal software Agents are easily installed, run transparently to the end-user and may be deployed over most operating systems. Security zones provide custom policies for multiple user groups; security policy changes are automatically configured and uploaded to each impacted Agent. Administration consoles have fail-over capability to maintain security if a loss of connectivity occurs.
Central Management Interface - EpiForce includes a central management infrastructure through which security zones may be flexibly created and modified. These zones elegantly manage access to network devices according to your unique security policies.
Flexibility to Secure Entire Network - EpiForce was designed to work with most operating systems or existing legacy systems within your network core. Agents are available as software-based, or as a free-standing appliance that acts as a ‘bump in the wire’ for those devices incapable of supporting an agent. EpiForce may be deployed anywhere to protect any device, to provide comprehensive protection for your sensitive customer data.
Highlights: For those organizations seeking to enhance their network security against an internal attack, the protection of sensitive data is paramount. This can now be accomplished with the enhanced virtual network segmentation, or security zones of EpiForce whereby data transmitted in the clear can be encrypted as needed, by application. Access to this data is protected through strong authentication and authorization, enforced locally through software-based agents which are easy to deploy and are updated automatically. Together, these security measures establish a comprehensive approach to securing inside the perimeter.
Apani's EpiForce provides this protection by encrypting internal data traffic and applying security policies through a single, centrally managed interface, where policies can be added or deleted in real-time. Machine level access control is an included component which enables one deployment of EpiForce to provide a transparent security layer, unseen by the end user.
End-Users: Large enterprise environments in government, healthcare and financial services networks.
Apani Networks, 1800 E. Imperial Highway, Brea, CA 92821 USA
Tel: 1-714-674-1600