Skip Links

Network World

  • Social Web 
  • Email 
  • Close
Clear Choice Test Unified Threat Management Firewalls. All-in-one firewalls show spotty performance: Juniper, Cisco, Check Point lead the way in test of 13 unified threat management devices.
Intro to UTM Testing Testing categories Product Summaries Click tabs to expand

A closer look at UTM hardware architecture

By Joel Snyder , Network World , 11/12/2007
Newsletter Signup
  • Share/Email
  • Tweet This
  • Comment
  • Print

This test showed that UTM firewalls come in all speeds, shapes and sizes.

One of the appliances we received was simply an off-the-shelf server (IBM’s System x3650). Other devices ranged from very lightly customized (Secure Computing put an IPS accelerator board and a customized BIOS in a Dell box to yield its Sidewinder 2150D) to the heavily engineered chassis found in the Juniper ISG-1000 and the Fortinet FortiGate 3600A. 

Sun Identity Management Attacks Complexity with Simplicity: View now

In general, though, firewall vendors have taken advantage of the enormous boon that Intel has provided in low-cost, high-performance CPUs that are aimed at general-purpose computing. Much of the customization in the devices we received was aimed at increasing port density and value engineering by removing parts (such as graphics adapters) that add cost but not value.

Tracking UTM Firewall hardware options

For the specific models of the UTM firewalls tested, both the hardware configurations as well as the possible options varied wildly. For testing, vendors selected their configurations.
Vendor Product Ports (in Ethernet speeds unless noted) Power Supplies Expansion Slots Options available to model tested
Astaro ASG 425a 6x1000,2xSFP 1 0 No options available
Check Point UTM-1 2050 4x1000,4x100 1 0 No options available
Cisco ASA5540 with SSM-20 IPS module 4x1000,1x100 1 1 IPS or A/V engine available
Crossbeam C25 12x1000,1x100 2 3 Ability to swap and 4-port gigabit Ethernet module for a 4-port SFP or FailOpen IPS module.
Fortinet FortiGate 3600A 8x1000,2xSFP 2 1 4-port SFP or storage module.
IBM System x3650 8-1000 as tested 2 4 2X1000 or 4x1000
IBM/ISS Proventia MX5010 10x1000 2 0 No options available
Juniper Networks ISG-1000 4x1000 1 2 2xSFPor 4xSFP, 4x100,2x1000
Juniper Networks SSG-520M 4x1000 1 6 1x1000, 4x100, 8x1000,16x1000, 2xT1/E1, 1xT3/E3, 1xDSL, 6xSFP
Nokia IP290 6x1000 1 1 2x1000; 2x1000 FailOpen IPS
Secure Computing Sidewinder 2150D with IPS accel. 8x1000 2 2 12x1000
SonicWALL PRO 5060 6x1000 1 0 No options available
WatchGuard Firebox Peak X8500e 8x1000 1 0 No options available
Click to see: Tracking UTM Firewall hardware options

Starting from the ground up, power options abound as the Crossbeam C25, FortiGate 3600A, IBM System x3650, IBM/ISS Proventia MX5010, and Secure Computing Sidewinder 2150D all sport two power supplies, either as an option or as part of the base configuration. Although two power supplies make a system less efficient in its use of electricity (see UTM power-consumption story), they do guard against one of the most common failures: accidentally unplugging the wrong system.

Related Content
  • Share/Email
  • Tweet This
  • Comment
  • Print
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed