While firewall vendors have spent the last 18 months adding deeper packet inspection technologies to their products, NetContinuum, which started with deep port 80 traffic inspections, is addressing this market evolution from the opposite direction.

The new firewall component of the NC-1000, which NetContinuum expects to gain ICSA certification this week, will let companies remove another layer of complexity from their demilitarized zones, the company said.

The biggest trend we’re seeing is still cost – if you can’t take some cost out of the equation is doesn’t really matter if you can stop 3,000 attacks or 4,000, chief strategy officer Wes Wasson said.

The original NC-1000 devices had Internet traffic management features such as load balancing and SSL acceleration, which, Wasson said, has meant about a third of NetContinuum’s customers have decided to do away with separate load balancers.

The company now hopes to do a similar thing for firewalls, removing the need for a separate stateful inspection firewall when a NetContinuum device is deployed. But the firm is not going after all parts of the firewall market, Wasson said.

The web security gateways are for deployment in the DMZ in front of web servers and applications, and are not really designed for protecting the corporate LAN. That area, Wasson said, will be left to the incumbents.

The latest version of the product has also had its management interface overhauled to make setting security policies for applications similar to setting firewall policies, the option to set policies as temporarily passive to observe how they interact with new applications before turning them fully has also been added.

NetContinuum is submitting part of this technology to the Internet Engineering Task Force for consideration as a standard. WAT, for web address translation, does the same for URLs as NAT, network address translation, does for IP addresses, Wasson said.

WAT can add another layer of security by rewriting URLs on the fly, masking the actual domains and file paths used internally from outside users and hackers. Several competing products have similar functionality, but implemented differently.

This article is based on material originally produced by ComputerWire.