Security Players Shoot An All-In-One

The new wares combine firewall, VPN and intrusion-prevention capabilities in a format that promises proactive, easy-to-manage network protection, the vendors and solution providers said.

This week Juniper is shipping a long-awaited module that adds integrated intrusion detection and prevention (IDP) to its ISG 2000 appliance, delivering up to 2 Gbps of intrusion-prevention throughput and 1 Gbps of VPN/firewall throughput. NetScreen Technologies first launched the integrated security gateway with firewall and VPN features last April, days before the completion of its acquisition by Juniper. At that time, the company said the IDP module would ship by the end of 2004.

"We'll position it from the price/performance standpoint. Having multiple capabilities in the same box gives us a good competitive point against TippingPoint," said Dave Casey, vice president of Westron Communications, a solution provider based in Carrollton, Texas.

Juniper, Sunnyvale, Calif., is also introducing the ISG 1000, a smaller firewall/VPN appliance. Intrusion-prevention modules for that box are slated to ship in the second half of this year. Six new stand-alone appliances also debut this week to replace existing intrusion-prevention systems that run on servers.

Sponsored post

The ISG 2000 is priced from $40,000, while the IDP upgrade kit costs $6,000. Pricing for the ISG 1000 starts at $20,000.

3Com also has plans to roll out new appliances in the fourth quarter that introduce TippingPoint's intrusion-prevention technology to the SMB market, said James Freeze, vice president of global marketing at 3Com, Marlborough, Mass. The forthcoming TippingPoint 1 and TippingPoint 10 appliances will also include firewall and VPN functionality, he said. 3Com has not disclosed pricing.

John Chambers, president and CEO of Cisco, San Jose, Calif., played up the importance of integrated network security last week at the Interop conference in Las Vegas as he unveiled the Adaptive Security Appliance 5500 series, combining integrated firewall, VPN and intrusion-prevention capabilities into a single platform. This will help reduce the number of devices required to secure a customer's network, Chambers said.

"The key word is 'adaptive.' It's proactive and anticipatory of what's going to occur," he said.

The appliances scale from small businesses to large enterprises and incorporate features found in the PIX Security Appliance firewall, IPS 4200 Series and VPN 3000 Concentrator families.

"This will be a real benefit to the SMB market and branch offices where they have less IT sophistication," said Tom Gobeille, president and CEO of Network Computing Architects, a solution provider in Bellevue, Wash. Gobeille said large enterprises will also benefit.

Cisco's appliances are shipping with starting prices that range from $3,495 for an SMB version with up to 300 Mbps throughput to $16,995 for an enterprise edition with up to 650 Mbps throughput.