3Com quarantines malicious traffic

By Tim Greene, Network World, 06/06/2005

3Com this week will introduce software that uses switches as enforcement points to shut down attacks on business networks, making it possible for users to quarantine infected machines that propagate malicious code.

New software for the company's TippingPoint Intrusion Prevention System lets the IPS intervene if individual machines violate security policies. The package requires no dedicated quarantine client on each device, which would require administration time to distribute, configure and maintain.

The new software can apply security policies to an IP device on the network, including servers, desktops, PDAs, IP phones and printers. When devices log on to the network via 3Com's automatic media access control (MAC)-based Radius Authenticated Device Access (RADA), it grants access to authorized virtual LANs and QoS on the network.

Other vendors are making similar efforts to block attacks and minimize any damage. Alcatel and third-party intrusion detection vendors team to use the company's Automated Quarantine Engine in Alcatel switches. Nortel's switches also support third-party intrusion-detection systems. Cisco's Clean Access software imposes similar restrictions. Enterasys' Automated Security Manager quarantines traffic via its switches.

The 3Com quarantine software works with any vendor's switches. 3Com says response time for taking enforcement action is faster with 3Com switches by a matter of seconds, but it has no specific numbers to support the claim.

With 3Com's gear, when a device connects to the network, its MAC address and IP address are logged, as well as the switch port to which the device is connected. If the IPS identifies the device as generating malicious traffic, the TippingPoint IPS can trigger remedial action such as shutting down the switch port or redirecting the machine to a secure VLAN that displays a Web page explaining what has happened and what action the user should take. For instance, the page might say the machine has been infected by a virus and to contact the help desk.
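The lookup described above, sketched as an added example (not 3Com's or TippingPoint's code): the connect-time log is modeled as a table keyed by IP address, and an IPS alert on a source IP is turned into a port or VLAN instruction. All names, the VLAN number, the sample addresses and the shared-port fallback are assumptions made for illustration.

```python
from collections import namedtuple

Binding = namedtuple("Binding", "mac ip switch port")
QUARANTINE_VLAN = 999  # constructed value, not from the article


class BindingTable:
    """MAC, IP and switch port recorded when a device connects."""

    def __init__(self):
        self._by_ip = {}

    def device_connected(self, mac, ip, switch, port):
        # A reused IP (e.g. a new DHCP lease) must replace the old record,
        # otherwise a later alert would be enforced against the wrong device.
        self._by_ip[ip] = Binding(mac.lower(), ip, switch, port)

    def lookup(self, ip):
        return self._by_ip.get(ip)

    def macs_on_port(self, switch, port):
        return {b.mac for b in self._by_ip.values()
                if (b.switch, b.port) == (switch, port)}


def plan_response(table, alert_src_ip, action="quarantine_vlan"):
    """Turn an IPS alert on a source IP into an enforcement instruction."""
    b = table.lookup(alert_src_ip)
    if b is None:
        # No connect record for this address: no switch port to act on.
        return {"action": "none", "reason": "no binding for source IP"}
    shared = len(table.macs_on_port(b.switch, b.port)) > 1
    if action == "shutdown_port" and shared:
        # Assumed policy: do not cut off other devices sharing the port.
        action = "quarantine_vlan"
    plan = {"action": action, "mac": b.mac, "switch": b.switch, "port": b.port}
    if action == "quarantine_vlan":
        plan["vlan"] = QUARANTINE_VLAN
    return plan


def demo():
    """Constructed sample: a PC and an IP phone share a port; the PC alerts."""
    t = BindingTable()
    t.device_connected("00:11:22:AA:BB:01", "10.0.0.21", "sw1", "1/0/7")  # phone
    t.device_connected("00:11:22:AA:BB:02", "10.0.0.22", "sw1", "1/0/7")  # PC
    return plan_response(t, "10.0.0.22", action="shutdown_port")
```

Because the table is keyed by IP address, enforcement is only as accurate as the most recent connect record for that address.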

The software is an upgrade to current TippingPoint IPS and ships with new orders.

3Com also is announcing a new switch family, the 5500 series stackable switches, and the 7750 modular switch chassis.

The 5500 series includes both 10/100M bit/sec and Gigabit Ethernet models and comes with either 24 or 48 ports. The gigabit platform supports Power over Ethernet (PoE), as well as fiber connections.

The boxes come with two different software loads, standard and enhanced. The enhanced versions enable stacking eight of the switches rather than two and support link aggregation to create larger logical links and to support redundancy. The devices also have one slot for an IPv6 router. The slot also can support a wireless switch, reducing the need for a separate device.

These switches are similar to high-density stackables from Enterasys, Extreme Networks and Nortel. They add PoE support in the 3Com line, something it lacked in high-density switches, says Steve Schuchart, an analyst with Current Analysis.
