Attack-Resistant Enterprise Networks (Fight Through Node)

A Fight Through Node (FTN) is a robust server that can continue operating even when compromised by a cyber attack.  FTNs are an intrusion-tolerant solution that replace the existing critical servers on an enterprise network.  A network equipped with FTNs will be able to provide essential services despite successful intrusions by trading off resiliency for performance.

FTNs achieve survivability using a rapid recovery system that rolls the server back to a clean state in a matter of seconds whenever an intrusion is detected.  By rapidly checkpointing Virtual Machines (VMs) within the FTN, the system can roll back to an extremely recent state just prior to the intrusion.  In addition, responses to client transactions are buffered until the system has been validated as free from compromise.  Combined, these two capabilities mean that FTNs can roll back without causing an inconsistent state with clients, meaning that no data is lost due to roll back.

FTNs offset the performance cost of checkpointing by spreading the cost among a pool of worker VMs.  By increasing the number of VMs, FTN performance can be increased.  As hardware continues to drop in price, FTNs will gain efficiency.