Nvidia builds firewall on PC motherboard
- 21 October, 2004 09:28
Motherboard chipsets don't normally excite much attention in the security world, but Nvidia's nForce4 could turn out to be the exception.
Better known for its graphics chips, Nvidia has become the first to release a motherboard controller that makes it possible to build a hardware firewall within a PC itself.
The catch is that the new PCI-based chipset will only work with AMD Athlon 64, 64 FX and Sempron processors. Consequently, the company expects that nForce4 will be aimed at higher-end applications such as gaming in its initial roll-out. It is not clear whether the chipset will be made to work in Intel systems at a later date.
Although software firewalls are effective on PCs, the nForce4 "ActiveArmor" protection engine claims to carry out its security routines without hindering the performance of the PC, acting as an "accelerated" co-processor. This should improve system performance by unburdening the main CPU from having to process network traffic.
ActiveArmor's firewall functions look fairly standard, and include packet inspection, port filtering, and other anti-hacking features as well as remote administration which is a must for IT departments.
More interesting to corporates in the light of recent history will be the application filtering features of what Nvidia has dubbed "Intelligent Application Manager" (IAM). This, it is claimed, will stop Trojans hijacking the PC to use as a server and will perform sophisticated monitoring of outbound as well as inbound application traffic.
The chipset has been released in three versions. The mid-level "Ultra", which is likely to be the most popular, comes with an integrated firewall, and support for 3GB serial RAID (including advanced failover detection), and will add approximately US$100-$150 to the price of a motherboard, the company indicated.
The US$200 high-end nForce4 SLI was identical but included a technology called Scalable Link Interface (SLI), a means of running two graphics cards in one system to boost graphics performance. The entry-level US$55 nForce relied on cut-down software-based firewall features and lacked the SLI, but will come with a lower performance version of the RAID support.
The company said it expected the chipset's price to reduce as volumes increased in the coming months.