CleanINTERNET: INNOVATIve threat protection

Centripetal set out a few years ago with a single mission: to protect organizations from advanced threats. How we delivered on this mission is what’s dramatically different about us. We’ve developed a revolutionary solution that offers cyber teams continuous prevention from attacks through intelligence- led enforcement.

Our cyber threat intelligence solution, CleanINTERNET,  extrapolates every and any threat intelligence feed and applies advanced packet filtering at the network edge to prevent unwanted traffic from ever hitting a network.

We’ve simplified threat intelligence collection, management, and action (or enforcement, as we call it), by taking hundreds of millions of indicators and distilling them to a finite number of rules to prevent millions of threats and deliver an unprecedented intelligence-led defense.

cleaninternet for enterprise


Manually sifting through packet capture logs, or relying only on sending logs to a SIEM platform does not scale to today's expanding attack surface. And we know firewalls and IPS systems aren't effective at processing hundreds of millions of indicators. 


This is where advanced packet filtering leveraging threat intelligence becomes a critical technology in today's SOC. One major component of our threat intelligence gateway solution is the actual enforcement point, the RuleGATE®. The RuleGATE is a physical or virtual appliance, and can be configured to meet speed and scale requirements.


Our powerful RuleGATE appliances perform essential functions within the CleanINTERNET service:

  • Shielding and Blocking. Upfront, automatic removal of risk-based including targeted geo-blocking, compliance policies, TOR proxy removal, known malicious IPs, malvertizers, and new domain shielding
  • Event Logging. Inspection of every packet, log and flow, delivering real-time analytics on events inside or outside the network to end users and providers
  • Threat PCAP. Full packet capture for indicator-based hits quickly provides a definitive answer on risk. By capturing only threat traffic, this technology is over one hundred times more efficient than other solutions


Threat intelligence comes in many forms and flavors. Centripetal's enforcement of threat intelligence is made possible by sublinear filtering and the correlation of a massive amount of threat data. Centripetal has solved the challenge of complex data processing and filtering so customers don't have to take it on. 

In order to prevent hundreds of millions of threats, the curation and correlation of bulk threat data has to convert to policies that instruct what's enforced. The policy construct of our Threat Intelligence Gateway is designed for operating across a risk-based spectrum to optimize and prioritize human analysis and workflow.

Centripetal's intelligence policies are built from complex combinations of static and dynamic rules so that rules and policies can be constructed to filter on any combination of the following elements, which are typically part of the commercial indicator of compromise. Where no other technology is effective? It's not just malicious IP's:

  • Source IP, Destination IP, and IP range (v4 or v6)
  • Port or Port Range
  • Protocol
  • Domain
  • URL
  • FQDN
  • Dynamic, multi-dimensional indicators of compromise


Centripetal has architected its technology to process unprecedented amounts of threat data, and to enforce based on complex policies and rules in real time. Centripetal's technology stack includes advanced management and analytics for visibility into those threats that were prevented or where more investigation is necessary.

Centripetal's QuickTHREAT Analytics Manager lets organizations manage dynamic threat intelligence subscriptions, create and manage threat intelligence indicator sets, and build, maintain, and enforce cyber-security policies to meet the needs of the organization.

System administrators gain full visibility into the status and health of their RuleGate® enforement filters deployed, including full control over network infrastructure and high-availability configurations that integrate into SIEM platforms and any SOC tool.

Specific technical capabilities include: 

  • Centralized management of threat intelligence indicator sets and running policies
  • Visibility into the status and health of dispersed RuleGATE enforcement appliances
  • High-availability monitoring that tracks the status of active ports and other high availability peers
  • Real-time monitoring of hardware system status, including CPU load, memory usage, power supply status, and critical system temperatures
  • Maintain accountability with security audit logs ensure all transactions, including policy changes, are tracked and available for review


Find out how easily and affordably CleanINTERNET can be deployed for companies of all sizes, or start a 30-day risk-free trial today.

Contact Sales for Quote
Start a 30-day trial Today