Fortinet, Juniper bolster multifunction security

Fortinet and Juniper plan to introduce this week new models of their multifunction security devices that break new ground for each company - Fortinet for protecting data centers and Juniper for defending smaller offices.

Both announcements reinforce the popularity of these devices known as unified threat management (UTM) appliances that can streamline network management and efficiency by cleansing traffic of many security threats with a single device. The devices are best suited for network junctures, such as Internet connections, or in front of data centers, where they can reduce the number of separate security devices deployed, says Richard Stiennon, chief research analyst for IT-Harvest.

Stiennon says UTM devices fall into three categories. One category, which includes Fortinet and Juniper, inspects a packet once and then run it through a series of filters. Another category, which includes WatchGuard and SonicWall, parses packets in a single device to perform multiple screenings. The third category represents hardware security platforms, such as Nokia's and Crossbeam's, on which third-party software can be deployed.

Compared with the FortiGate 3600, the FortiGate 3600A boosts firewall speed from 4Gbps to 6Gbps, VPN speed from 600Mbps to 800Mbps and antivirus screening from 300Mbps to 400Mbps. The FortiGate 3600A starts at $33,000, $3,000 more than the 3600.

Fortinet's 3600A

Ervin Evangelista, network engineer for the municipal service provider Fibernet in Morristown, Tenn., says that with a single management platform for its FortiGate 3600 box, it is much simpler to find and shut down the source of an attack than if he had separate firewalls, intrusion prevention and antivirus software.

Juniper is announcing nine new models of its SSG security devices that are scaled down from earlier models to make them suitable to protect smaller offices.

Juniper's SSG 5

The new models are based on three basic chassis - the SSG 5, SSG 20 and SSG 140 - with variations in WAN ports and optional integrated wireless access points accounting for the nine models that range in price from $700 to $3,200.

The smallest model, SSG 5, supports a 160Mbps firewall and 40Mbps VPN, which is fast enough for a small office. With additional annual license fees it can support software that screens for viruses, spam, unauthorized Web content and intrusions.

The largest model, SSG 140, has a 350Mbps firewall and a 100Mbps VPN, which is much faster but still slower than the earlier SSG versions that have a top firewall speed of 1Gbps and top VPN speed of 500Mbps.

One key feature of these devices is the variety of WAN ports available, from dial-up modem to ISDN to DSL T-1 to serial ports. This means they can be deployed at virtually any size office with any available connection to the Internet without using an external router or DSU/CSU, says Perry Jarvis, network operations manager for the City of Burbank, Calif. "When I can get those pieces together, it's easier to support, troubleshoot and repair," he says.

Copyright © 2006 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022