Bundled security protects the perimeter
- By William Jackson
- May 01, 2002
'Appliance' is the watchword in the latest application platforms for information security. Symantec Corp. of Cupertino, Calif., and TippingPoint Technologies Inc. of Austin, Texas, have bundled appliances with firewalls, intrusion detection and other features. The dedicated hardware speeds throughput and simplifies management, company officials said.
Also, Stonesoft Corp. of Finland has teamed with True North Solutions Inc. of McLean, Va., to produce a centrally managed hardware firewall and virtual private network appliance for remote offices.Good for defense
TippingPoint's UnityOne products are targeted to the federal government, specifically the military, chief marketing officer Kent Savage said.
The UnityOne appliance consists of a stateful-inspection firewall with intrusion detection and continuous scanning. The scanner can adapt to emerging vulnerabilities and network changes. The firewall will interlock with the intrusion detection engine so that detected attacks can be stopped at the firewall.
TippingPoint designed the appliance's 2.5-Gbps security-specific network processor from custom application-specific integrated circuits.
'We concluded that security solutions were screaming for a security-specific processing engine,' TippingPoint chief executive John McHale said. '
UnityOne will come out later this year in two models. The $19,995 UnityOne 600 for small and midsized enterprises will have 600-Mbps throughput and handle 150,000 concurrent sessions. The 2000 model will have 2-Gbps throughput and 250,000 sessions.
Symantec's Gateway Security will combine firewall, antivirus, intrusion detection, content filtering and VPN features for small to midsized enterprises in a single box.
As with the UnityOne appliance, Symantec has interlocked firewall and intrusion-detection functions so that attacks can be blocked. Gateway Security will use Symantec's Enterprise Firewall 7.0 and Carrier Scan Server 2.2 antivirus engine. Content filtering will block undesirable uniform resource locators. Symantec's IPSec-compliant Enterprise VPN 7.0 is included.One of three
Symantec has not yet set prices, but Gateway Security will come in three models. Model 5110 will have maximum throughput of 40 Mbps with a 50-node license. The 5200 will have 80-Mbps throughput and a 250-node license, and the 5300 will have 80-Mbps throughput and unlimited use.
The TrueGate firewall includes a hardened version of the Linux open-source operating system. It supports multiple Internet connections and can direct traffic to the best-performing link. TrueGate boxes can be clustered with load balancing and failover. There are no moving parts; software resides in flash memory.
The TrueGate 23 starts at $995 with three Ethernet ports, and the TrueGate 27 at $1,495 with seven ports.
William Jackson is freelance writer and the author of the CyberEye blog.