Fortinet Inc. is announcing software to supplement its traditional firewalls that inspects the content of individual packets and reconstructs data streams to look for intrusions.
Called Complete Content Protection, the software represents Fortinet's version of what other vendors call deep packet in section or application intelligence. Some of these other vendors include Check Point Software Technologies Ltd. and NetScreen Technologies Inc.
Fortinet claims CCP also reassembles packet payloads into the original data stream to check for exploits that might have been fragmented and stuffed inside separate packets. A virus signature, for example, that is fragmented into more than one packet would otherwise go undetected, says Rick Kagan, Fortinet's vice president of marketing. CCP then reassembles the packets and sends them along if they reveal nothing to filter.
"You need to reconstruct the original stream and then scan for viruses, worms, etc.," Kagan says.
CCP is designed to act as a network-based content filter that can screen content, spam and application-layer worms. Generally, anti-virus applications are placed on individual desktops or in front of individual servers.
Kagan says CCP runs on FortiGate hardware, the company's multi-application platform for which it sells firewall, VPN, intrusion detection and prevention and packet-by-packet virus screening. The boxes have ASICs customized to handle the processing-heavy load of application layer screening and reassembly of traffic flows, Kagan says.
The company is also introducing a new FortiGate device called FortiGate 800 designed for customer networks transitioning to Gigabit Ethernet infrastructures. The device has four 10/100/1000 Ethernet ports and four 10/100 ports. Customers with less than gigabit LANs can buy the boxes and upgrade segments of their network to gigabit without buying a new FortiGage box.
FortiGate 800 costs US$11,995 and is available in January.