Goal is end-to-end solutions, network integration
Major networking vendors are beefing up security products to provide end-to-end solutions as well as integrate security into the network.
Nortel Networks in September unveiled its Unified Security Architecture, along with an SSL extranet appliance that allows remote users to securely access corporate applications via a Web browser through SSL rather than a VPN client.
Nortel 2700 Gateway
Also in September, Cisco Systems released enhancements to its CiscoWorks VPN/Security Management Solution that create a single management console for firewalls, intrusion-detection sensors and VPN routers. Cisco also updated its Secure Access Control Server to include support for Protected Extensible Authentication Protocol (PEAP) in wireless LAN deployments, which allows for token and digital certificate authentication.
Nortel's Unified Security Architecture provides a blueprint for both data and voice security, said Fred Weiller, security solutions marketing manager at Nortel. "Most security architectures only consider data," Weiller said. "This considers voice applications and call centers as part of the network."
Chris Hanson, vice president of technology at Vandis, an Albertson, N.Y., solution provider, said Nortel's security focus is surprising some customers. "I don't think people thought of Nortel as a security company, but people are starting to take notice," he said. "The Unified Security Architecture is a way for us to show customers that Nortel has the full solution."
While Vandis works with several security vendors, many customers appreciate the idea of one company being able to provide the complete package, he said.
Nortel's new Alteon SSL 410 creates SSL extranets, providing a cost-effective alternative to VPNs, Weiller said. SSL authentication is meant to be used in addition to VPN technology to allow more flexibility, he added. The technology allows secure access to applications from any Web browser, eliminating the need for a VPN client.
>> Cisco unveils a single management console for firewalls, intrusion-detection sensors and VPN routers.
>> Solution providers say the consolidation of security management solutions is critical, particularly for large enterprise customers.
Nortel also expanded its Contivity VPN gateway offerings to include routing, said John Gray, product marketing manager for Nortel's Contivity unit. The latest Contivity software, release 4.7, enables Contivity IP Services gateways, including the 2700 and 1700 models, to be deployed as access routers, he said.
CiscoWorks 2.1 VPN/Security Management Solution (VMS) combines previously separate consoles to integrate the configuration, management, monitoring and troubleshooting of Cisco's PIX firewalls, IDS and VPN routers into a single solution. VMS 2.1 also includes an Auto Update Server, which allows administrators to automate security policy updates to all remote or local firewalls.
Ron Temske, director of security solutions at solution provider Logical Networks, Bloomfield Hills, Mich., said consolidating management of security solutions is essential, especially for large enterprises.
"With large enterprises now using VPNs instead of private lines to connect remote offices, a single, centralized management tool is key," Temske said. "In a large enterprise environment, the number of security-related devices can easily number in the hundreds."
Temske said EAP and PEAP support for wireless LAN deployments is also key for large enterprise customers. By supporting token-based authentication for wireless LAN access, "wireless security becomes integrated with the security of the organization instead of a separate process," he said.
Cisco's latest updates follow a move in August to integrate security into switches with the release of firewall, VPN, SSL and network analysis modules for its Catalyst 6500 series switches. Integrating security into the network core provides more comprehensive security than edge appliances, said Ben Goldman, director of product marketing for Cisco's Internet Systems Business Unit.
John Freres, president of Schaumburg, Ill.-based network and security solution provider Meridian IT Solutions, said that as critical applications such as voice, video and storage merge into the network, security becomes more important. "Integrating security services into the network builds in a redundant level of protection touching all network traffic," he said. "There is no one single point of failure."