Our current product, the MS-100SC “Masking Shunt” is an inline appliance that masks the Layer 2 presence and identity of another inline appliance such as a firewall or intrusion prevention system. It modifies Ethernet packet headers entering and leaving the device by replacing the true MAC address of the device with clone MAC addresses harvested from other devices upstream and downstream of the device respectively. It also decrements the Layer 3 “Time-to-Live” value in order to hide the network hop of the masked device. The effect is to make the firewall or other protected device completely invisible at Layer 2.
The MS-100SC has been through extensive functional and compatibility testing by the U.S. Department of Defense, starting in 2007 and continuing until 2009. The Defense Information Systems Agency (DISA) deployed it to mask a rack of Sidewinder firewalls in their own facility and approved it for .MIL operational networks. It is designed to operate at full wire speed, be fully compatible, easy to install, and highly resistant to attack. It has no MAC address of its own and no web interface or operating system, making it virtually invisible on the network.
The MS 100 is in production, has been through functional and compatibility testing by the US Department of Defense, and is available for government purchase.