Nevis Networks provides identity-based policy enforcement in the network fabric, controlling who can access a company’s network and what resources they are permitted to use, as well as containing the spread of the most sophisticated malware. Nevis’ LANenforcer security appliances provide integrated NAC, IPS and identity firewall capability. Watch Nevis Networks Flash Demonstration Here.

ASIC Architecture

The LANsecure ASIC provides the enabling technology for the entire LANenforcer product line, having been designed from the ground up as the basis for a family of security platforms. The overarching design goals were to enable integrated deep packet inspection security with high throughput flow-based network processing in a way that scales in multiple dimensions.

In summary, each LANsecure ASIC provides:

  • Up to 10 Gbps integrated networking and security throughput
  • High performance interfaces, with hardware packet I/O and memory management, including hardware managed queues
  • Six clusters of four CPU engines, each supporting four-way hardware multi-threading, for a total of 96 threads. Each CPU can access any memory location, whether on-chip or off-chip.
  • Integrated security processing engines for signature matching, and TCP checksum processing

Contain Malware and Stop Zero-Day Threats: Nevis Networks Does It BEST!

  • Detecting and blocking malware in microseconds
  • Aggregates 6 detection mechanisms: stateful firewall, traffic anomaly, protocol anomaly and behavioral anomaly; Layer 2 security; automatic quarantine
  • Parallelizing multiple threat detection methods at gigabit speeds to detect, identify and contain the greatest number of threats, while reducing the potential of false positives
  • Reducing the threat containment envelope to the individual user level for the highest security
  • Threat analysis researched and monitored 24×7 by Nevis Labs

6 Lines of Defense

  • Endpoint Integrity Agent: Nevis supplies a demand downloadable agent which can perform an endpoint integrity assessment and verify compliance with enterprise policies before allowing normal network access.
  • Identity-based Stateful Firewall: Nevis LANenforcer can be used to implement comprehensive identity based firewall access control policies.
  • Signature-based Threat Detection: We recognize that to get work done, you have to allow your employees, your contractors, and even your short-term guests to access your network.
  • Behavior Blocking: Nevis uses state-of-the-art deep packet inspection  algorithms, including behavioral, protocol and traffic anomaly  detection to protect against new malware attacks (worms, Trojans, bots, etc.)
  • Layer 2 Security Protection: Nevis protects your network from MAC Spoofing and Flooding, ARP Spoofing and Poisoning, VLAN Hopping and Double Tagging, DHCP Address Exhaustion, Switch Impersonation and  Spanning Tree Attacks
  • Layer 7 Application Recognition and Policy Enforcement: Organizations that decide to roll-out application-oriented policies have a number of effective remediation steps upon the identification of an offending session. Nevis can accomplish this because the LANenforcer appliance understands the application and has visibility to the user launching the application.

Security Solutions


Product Line

  • LANenforcer: Financial Enterprise 10GbE Throughput Unified Security Appliance including Inline NAC, IPS and Layer 7 Firewall without performance degradation   …more
  • LANsight: Centralized management solution for LANenforcer


For more information

Please visit or contact us by phone at 02-210-0969 , by email at