Floodgate-Packet Filter is the first embedded firewall with dynamic filtering
Icon Labs, a provider of embedded networking and security technology, produces the Floodgate-Packet Filter, an embedded firewall that allows networked devices to control the packets they process. Floodgate protects against potentially malicious attacks by filtering packets before they are processed by an embedded device. Floodgate provides both threshold-based filtering and rules-based filtering.
Threshold-based filtering protects against denial of service attacks, broadcast storms and other conditions that result in a flood of unwanted packets. Rules-based filtering allows white-listing and black-listing based on criteria such as port number, protocol or source IP address.
“Increasingly, small, dedicated devices such as industrial control devices and medical devices are being connected to the Internet and are now subject to the same threats as PCs in corporate environments. Without firewalls, intrusion prevention systems and other security measures usually utilized in enterprise networks, these devices are very vulnerable to network based attacks,” said Alan Grau, CEO of Icon Labs. “Floodgate protects these devices from the threats that are present on the Internet by controlling which packets are processed.”
Floodgate-Packet Filter is allegedly provided as a portable source code library that can easily be integrated into an embedded device. Floodgate can be added at any layer in the IP stack. Floodgate includes sample applications that illustrate the use of Floodgate at Layer 2 to protect against broadcast storms and at Layer 3 to protect against packet floods.
The Floodgate-Packet Filter is designed for use in embedded systems and can be used with operating systems such as VxWorks, Linux, QNX, or eCos, or in systems without an operating system.
Icon Laboratories Inc.