HP blade counters Cisco security approach

Threat management module for ProCurve switch integrates firewall, IPS, VPN concentration

Network World just reviewed a module from HP that offers three threat management functions for its high-end ProCurve switches: firewall, intrusion prevention and VPN concentration. The blade may help make ProCurve switches more appealing alternatives to Cisco Catalyst systems, which require separate modules for the same three functions, according to reviewer David Newman:

Cisco's ASA 5500 multifunction security appliances are not integrated into Cisco's switches. And Cisco sells separate firewall and IPS security blades for its Catalyst 6500 switches, but those are higher-end devices with bigger performance numbers and bigger price tags.

The HP ProCurve Threat Management Services zl module (TMS) is a single-slot blade for HP's ProCurve 5400zl and 8212zl modular switches that's powered by Ubuntu Linux running on a 2.2-GHz Intel Core 2 Duo CPU and 4GB of RAM. In his review, Newman found "a well-designed, easy-to-use implementation that packs most common security functions into a small form factor." 

But the TMS also lacks some newer security features, such as reputation filtering, and its forwarding performance "can charitably be called modest," Newman reports. But the TMS represents a viable way to add security without adding more boxes.  

More from Cisco Subnet:

Win great stuff from Cisco Subnet Like e-mail? Subscribe to the Cisco Alert newsletter. Cisco Subnet RSS feedFollow all Cisco Subnet bloggers on Twitter.

Like RSS readers? Subscribe to the

Follow Jim Duffy on Twitter

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10