In a package molded to fit easily in your hand and no larger than the computer mouse used on your desktop computer, Berlin-based Innominate Security Technologies AG's mGuard has packed with about as much Virtual Private Network, firewall, and security capabilities a small business or SOHO user would need.

Or, for that matter, as much as anyone using a portable computer would need, since it installs easily between the network connection and the computer and is small enough to carry in your pocket. Nor does it require a separate power supply, operating off the 5 volts it receives through connection to an Ethernet interface or USB serial interface.

Via a Web browsing  interface stored in the device's nonvolatile flash memory, a configuration menu pops up automatically on  the host PC or laptopeb browser on the system to which  the mGuard is attached externally. Using it, non-technical users can set up the mGuard within minutes. The device can also be moved from machine to machine without software reinstallation (as required in a software-based solution) or reconfiguration (as required in a router or other traditional hardware-based solution).

For mobile users, the mGuard is small and light enough to plug into a laptop with no discernible difference in weight. In addition, through its use of open source software, including the Linux operating system, it can be plugged into any computer, providing essential security even on a system other than one's own (such as might be available in an airport business center or hotel).

Key to its high power and small footprint is Innominate's use of three Intel networking components: the IXP425 network processor, the 28F128J3 Strata Flash memory and the low power LXT973 10/100Mbps Ethernet PHY transceiver. This combination allows Innominate to offer a minimum of 10 Mbps throughput, sufficient for most small business needs.It is also more than enough  processing and memory overhead to support a comprehensive array of security security features. These are contained in hardware form on the 266 MHz IXP425 and in the device's 32 Mbytes of Synchronous DRAM and 8 Mbytes of nonvolatile flash memory. It supports two Ethernet interfaces and a standard RS232 serial connection to allow implementation into almost any network environment without requiring additional components.

All security functions in both mGuard products - including authentication, multipoint VPN, IPSec, Triple DES encryption (168-bit), RSA (up to 4096- key), MD5, L2TP, Internet Key Exchange, Perfect Forward Secrecy, and anti-spoofing - are performed automatically and without user interaction. Moreover, in contrast to most software-based security solutions, the mGuard  provides these capabilities without consuming the CPU cycles or memory of the host machine. Hardware and software integrity checks, copy-protected file system and other measures prevent manipulation of the device.

For users and system integrators who want a more traditional board level solution, the company is offering a similarly sized board the mGuard Core which can be inserted into any system with an industry standard plug and play hardware/software interface. It features a faster 533 MHz IXP435 NPU and more memory, up to 64Mbytes of SDRAM and up to 16Mbytes of flash memory.

Pricing and Availability