The StreamShield product line consists of multiple components that together form a platform for the hardware-accelerated examination of network traffic for purposes of Web content-based filtering, anti-malware scanning, anti-spam, etc. The product is targeted primarily to carrier-grade ISPs, and includes as a key feature the ability to implement its content scanning capabilities with support for individual subscriber preferences and content monitoring policies.

Primary components of the StreamShield platform include the Content Security Gateway, The StreamShield Server, the StreamShield.Net update service (including 3rd party/partner URL and virus update lists and components, etc.), and the Web-based ShieldView Management interface (exposed by the StreamShield Server).

The heart of the platform is the Content Security Gateway (CSG), a hardware device deployed as a transparent bridge in the network at suitable traffic aggregation or exit points. The CSG boasts a silicon-based scanning engine, itself based on the vendor's Content Stream Inspection (CSI) technology, which has the ability to process, analyze, and if necessary manipulate (block, strip, modify, etc.) full TCP streams (as opposed to individual packets) without--according to the vendor--degrading session performance.

The CSG operates as somewhat of a proxy for subscriber traffic (non-subscriber traffic is passed through unscanned), leveraging an ASIC-based architecture that automatically terminates subscriber traffic and then sets up a corresponding upstream TCP connection. Such traffic can then be content-processed (scanned) in real-time at layers 5 - 7, with detected threats allowed, blocked, modified, or replaced based on service provider policies and subscriber preferences.

Managing the CSGs is the job of the StreamShield Server, which is delivered as a soft appliance to be deployed on Linux-compatible hardware. The StreamShield Server exposes the Web-based ShieldView management interface, which can be used to configure and monitor CSGs (up to 100), setup Provider policies, and setup and implement subscriber preferences for the services provided by the CSGs. The StreamShield Server additionally handles the reception of StreamShield.Net updates and forwards them to the CSGs. Redundant StreamShield Server deployments are possible.

A SOAP/XML API enables the StreamShield server to integrate with existing management and support systems and/or allows the provider to create subscriber self-service Web portals.

An additional platform component, the StreamShield Log Server, provides an optional, dedicated data collection engine for CSG data. Log Server data can be collected in 1 to many or 1 to 1 scenarios (1 Log Server to many or individual CSGs), with collected data aggregated and analyzed via StreamShield Server.

Both the StreamShield Server and the StreamShield Log Server (also called the Report Server by the vendor) can be installed on Red Hat Enterprise Server 4 machines.

New to the StreamShield platform is its integration with Cloudmark Authority for the detection of spam.

Visit the StreamShield Networks Web site for further information.

product submission by EITPlanet Staff

E-Mail this page to a colleague
send info about StreamShield

Suggest a link
for the StreamShield fact sheet