Extreme Networks Data Sheet Sentriant® NG300 Sentriant NG300 is a security appliance that complements existing perimeter and endpoint security solutions in securing the network interior against rapidly propagating threats including Day-Zero attacks. Sentriant NG300 is designed to provide: Sentriant NG300 protects your network from rapidly propagating Day-Zero threats. Detect and Deceive Threats Early • Create a network of virtual decoys in the unused IP address space as an early warning system that alerts you when a virtual decoy is contacted • Mimic basic responses to TCP, UDP, and ICMP requests, and make it difficult for a hacker to determine which devices are real and which are not—allowing valid machines to hide among virtual decoys Mitigate and Slow Down Threats Precisely • Isolate the source of attacks and prevent them from communicating with the remainder of the network • Actively engage an attacker during the network reconnaissance that generally precedes a threat and dramatically slow down the attack High Availability Multi-Gigabit Coverage • CLEAR-Flow technology in ExtremeXOS switches detects and mirrors just the threatening traffic to Sentriant NG300, allowing higher line rates of inspection and mitigation ® • Detect and actively defend against threats without interfering with network traffic; Sentriant NG300 is not an inline device, therefore cannot be a bandwidth bottleneck or point of failure • Continuous monitoring of all endpoints as threat sources launching internal attacks • Deep analysis of suspicious traffic without impacting the operation of live networks • Rapid enforcement of mitigation actions against threat sources across the Enterprise Sentriant NG300 uses behavior-based threat detection methods (no signatures, no traffic sampling as in sFlow®) to detect threats––including new threats for which no signatures exist at the time of attack. It also includes a sophisticated early warning system that employs unused IP space to identify threats. Sentriant NG300 incorporates an aggressive protocol— independent, automated threat termination technology. This technology does not use software desktop agents, TCP resets, or switch-dependent VLAN shunting to isolate an infected endpoint. Sentriant NG300 is a powerful threat detection and mitigation solution on its own. And when it is used with CLEAR-Flow Security Rules Engine available in ExtremeXOS switches, a single Sentriant NG300 can protect multi-gigabit networks. Sentriant NG300 is not an inline device, creates no performance impact to networks, and cannot jeopardize network availability––even while the network is under attack. Protect your network from: • Viruses/Worms: Zotob, Sasser, Welchia, SQL Slammer, Blaster MyDoom and others • Denial of Service (DoS): IP spoofing, MAC spoofing, smurf, ping of death, ping sweep, ping flood, port sweep, SYN Flood, TCP Xmas, Syn/ Fin, Null, All Flags • Day-Zero, Multi-Vector, blended attacks, polymorphic viruses • Targeted attacks on IP Telephony devices © 2008 Extreme Networks, Inc. All rights reserved. Sentriant NG300—Page 1

Extreme Networks Data Sheet Detect and Deceive Threats Early Delivers fast detection with a network of virtual decoys creating an early warning system that fires an alert when a virtual target is contacted. Detect Threats Early Active Deception On a typical network that uses private IP address space, as much as 80% of IP address space is unassigned. Sentriant NG300 uses this asset to identify threats as shown in Figure 1. Since most worms must conduct reconnaissance to spread, there is a high probability that worm activity will hit the virtual decoys in the unused IP address space. Therefore,...

Extreme Networks Data Sheet Mitigate and Slow Down Threats Precisely Isolate the source of attacks and prevent them from communicating with the remainder of the network. Cloaking Sentriant NG300 can logically insert itself in between one or more attackers and one or more target devices by redirecting communication streams from the attackers to itself. Sentriant NG300 can then selectively pass or silently drop packets based on their threat potential, thereby, isolating infected computers while permitting all other communication to flow normally on a network. This process called Cloaking occurs...

Extreme Networks Data Sheet High Availability Multi-Gigabit Coverage Sentriant NG300 can be integrated with CLEAR-Flow Security Rules Engine available in ExtremeXOS® switches to allow mult-gigabit rates of inspection and mitigation. Sentriant NG300 is not an inline device, therefore cannot be a bandwidth bottleneck or point of failure. Protecting More of Your Network Sentriant NG300 can be connected to any vendors’ switches from via mirror or span ports in its standalone deployment mode. In this mode, Sentriant NG300 can monitor up to 1 gigabit per second of broadcast traffic across up to 64...

Extreme Networks Data Sheet Technical Specifications Performance Traffic Level (Inspection, Mitigation) 1 gigabit/sec aggregate traffic Protected Endpoints 1000 end-points protected (Typical) Protected IP Space 16K of used and unused IP addresses (Typical) Number of VLANs Up to 64 VLANs Appliance Internals Processor Two Intel® Xeon Processors (2.8 Ghz/ea) Memory 2GB of ECC DRAM Hard Drive 80GB Network Interfaces Four 10/100/1000BASE-T Ports One 10/100BASE-T Management Port Power Supply Single 400W Power Supply Power Connection 120V/50/60Hz, U.S. Connectivity (U.S. cable only) Startup Access Serial...

Extreme Networks Data Sheet Technical Specifications Ordering Information Part Number Description 72051 Sentriant NG300 Apliance (1 Gbps, 2RU chassis) includes: • Sentriant NG300 Console Manager • Sentriant NG300 SOC (Sentriant Operations Console) • CLEAR-Flow security policy files library (Software package for Sentriant NG300 in Integrated Deployment Mode) 90534 Onsite Installation for Sentriant NG www.extremenetworks.com email: [email protected] Corporate and North America Extreme Networks, Inc. 3585 Monroe Street Santa Clara, CA 95051 USA Phone +1 408 579 2800 Europe, Middle East, Africa...