3Com blends switching, intrusion prevention

3Com this week is expected to announce a chassis-based version of its TippingPoint security switch that combines traffic-inspection duties with the scale of high-end data switching, up to 10G Ethernet.

The 3Com TippingPoint M60 will let customers consolidate intrusion-prevention system (IPS) and LAN switching in a single high-scale chassis. The M60 can be used to consolidate traffic inspection for an entire organization while maintaining security separation between groups of users.

The M60 chassis comes with seven, 10 or 14 slots – two slots are occupied by redundant management modules. Each slot holds modules that have as many as six active Gigabit Ethernet ports. (Six pairs of copper/fiber ports let users mix cabling types.) A dual-port 10G Ethernet card also is available for the device.

Each blade in the M60 acts as a stand-alone IPS device, similar to TippingPoint’s T-series appliances, in which network connectivity and IPS packet processing are done on the hardware. (The exception is with 10G interfaces; the M60 uses 3Com’s 8800 dual-port 10G blades, which connect to TippingPoint IPS blades through the switch’s backplane.)

The blades run 3Com’s TippingPoint IPS device operating system and use the vendor’s Digital Vaccine updating service, letting the device identify the latest threat signatures and vulnerabilities.

The advantages of running IPS services on a chassis-based box include having shared redundant power supplies in the M60 chassis, and the ability to configure and control IPS settings on the blades through one device interface, 3Com says. But the scale is the real benefit.

The switch can support a maximum of 144 IPS ports, which can be divided into 72 security segments, each segment getting an ingress port for “dirty” traffic coming into the IPS, and an egress port for “clean” traffic delivered to the LAN or security segment.

In addition to the M60 chassis, the IPS blades that fit in the device also will work in 3Com’s Switch 8800, a large-enterprise core switch chassis developed in 3Com’s joint venture with Huawei Technologies. (Much of the M60 also was developed in the Huawei-3Com joint venture.) According to 3Com, running TippingPoint IPS blades in the Switch 8800 lets users consolidate IPS into the LAN switch layer, eliminating the need for external network appliances and allowing the IPS to hook into a 40Gbps connection to the switch’s backplane.

The 3Com TippingPoint M60, which will be shown at the RSA conference in San Francisco this week, will be available in mid-2006, 3Com says. Pricing for the device will be available at that time.