Vendors pitch all-in-one security boxes, 09/10/01
Vendors pitch all-in-one security boxes, 09/10/01. IDG Sep 10 2001 12:05PM ET
New gear from Nexsi, iPolicy and ServGate is roughly similar in that it is designed to protect high-bandwidth data centers and contain enough processing power to handle multiple security functions without creating a network bottleneck. But the companies are trying to differentiate themselves through the chips and applications they use in their products.
The companies are among a growing number of vendors, including Asita Technologies and Crossbeam Systems, that are building such devices, according to Jeff Phillips, an analyst with TeleChoice.
“To put in a single device rather than putting in separate pieces for VPN, firewall and intrusion detection is very attractive in a data center,” he says.
These security devices also compete against fast firewall/VPN gear made by NetScreen, Cisco, RapidStream and others, Phillips says. He expects vendors of these dual-function devices to add more features over time.
Nexsi is introducing the Nexsi 8000, a modular chassis that sits within a service provider network and takes in aggregated traffic from customers.
The box imposes security policies on this traffic and passes it on to data-center servers located on individual virtual LANs (VLAN) to keep customer traffic separate. Nexsi calls these VLANs secure service domains, and each chassis supports 100 of them.
IPolicy Networks is introducing iPEnforcer 5000, which combines the functions of a firewall and intrusion detection server. The company plans to add other security applications, such as VPN and URL filtering. IPEnforcer 5000 can perform these functions simultaneously at up to 2G bit/sec.
The box can keep separate sets of policies for up to 100 separate corporate accounts and 500,000 simultaneous sessions.
ServGate is introducing at NetWorld+Interop 2001 in Atlanta this week the SG2000H, a carrier-grade version of its enterprise data center device.
The new model supports 500 virtual firewalls; that is, it supports 500 separate sets of policies for individual customers.
The older edition acts as a single firewall.
The new device supports 1G bit/sec firewall throughput. By year-end, the device will also support virus scanning and VPNs.
[via Tech latest]
