Big net names push security wares

LAS VEGAS - Cisco, Enterasys Networks and Nortel last week used NetWorld+Interop 2002 Las Vegas to push new intrusion-detection and VPN products, recognizing that network security might be among the few things on which customers currently are willing to spend money.

Cisco's new IDS 4250 appliance is designed to secure high-speed, wide-area links or big pipes within corporate campuses, offering intrusion detection on about 500M bit/sec of traffic. The company says a hardware upgrade by year-end will roughly double the performance of the device, which can support copper and fiber 1G bit/sec interfaces.

For companies with lower-speed connections to a WAN and for departments within a company, Cisco introduced the IDS 4235, with 200M bit/sec performance. It offers 10/100/1000M bit/sec copper Ethernet support. Both devices fit into a standard rack and are 1U (1.75 inches) high.

New software for Cisco's IDS appliances, which include three previous models, lets administrators manage the boxes from a Web browser, with Secure Sockets Layer security.

The 4250 costs $25,000, while the 4235 costs $12,500.

Separately, Enterasys announced Version 6.0 of its Dragon intrusion-detection product line, which will support higher-speed networks than the previous edition, which maxed out at 300M bit/sec. The product line, which ships in August, comprises Network Sensor, which can run on an industry-standard server or an Enterasys appliance; Host Sensor software, which resides on corporate servers and can report attempted hacks and viruses; Policy Manager, a Web-based administration tool for configuring Dragon components and updating attack signatures; and Security Information Manager, a database application that can collect security information from Dragon components and compile data on security activity into real-time reports that IT security staff can view.

New appliances include the FE50 and FE200 for 10M bit/sec and 200M bit/sec of intrusion-detection throughput, and the GE500, with a traffic-detection throughput at 500M bit/sec. The appliances will cost from $7,500 to $22,000.

Network Sensor software will be available independently of the appliances for $3,000 to $15,000, depending on speeds supported. The Host Sensor will cost $650 to $2,000, depending on the operating system, while the Policy Manager will cost $2,500 and includes the Security Information Manager.

Nortel used the show to launch its new Contivity gateways, three of them aimed at providing site-to-site or remote-access VPN connections for small branch offices and teleworkers, and two of them for connecting branch offices and campus locations with high-speed, secure WAN links.

All the new boxes support stateful-inspection firewall capabilities and IP routing with support for protocols such as Open Shortest Path First and RIPv2. The boxes come with unlimited licenses for Contivity VPN Client software for Windows.

For small or home offices, the Contivity 1010 provides two ports of 10/100M bit/sec Ethernet and can support encrypted VPN tunnels. The Contivity 1050 and 1100 include a four-port LAN switch and can support up to 30 tunnels. The 1010 will be priced at $1,000, and the 1050 and 1100 will be priced at $1,300 and $1,500, respectively. The small office/home office devices will be available in June.

The 1700 can support up to 500 VPN tunnels, while the 2700 can handle 1,000 encrypted tunnels for larger site-to-site VPN deployments. Both boxes come with two integrated 10/100M bit/sec Ethernet ports and optional T-1 interfaces with an integrated DSU/CSU. The 1700 and 2700 will be available for larger sites in July, but pricing has not been set.

The IDG News Service contributed to this report.