• United States
Executive Editor

NetScreen’s latest low-end VPN gear offers Layer 7 security

Jan 27, 20042 mins

* NetScreen adds two low-end appliances to its firewall/VPN family

NetScreen is adding two low-end security appliances to its line of firewall/VPN gear for home offices and small branch offices.

Called Hardware Security Client and NetScreen-5GT Extended, the two new boxes also support Layer 7 firewall protection that can uncover and block Web traffic that a packet-filtering firewall operating at Layer 3 might miss.

Key to their usefulness in corporate networks is that they both can be centrally managed by NetScreen’s Security Manager software. So if the devices are installed in remote offices that lack technical staff, they can still be monitored and managed without sending someone to the site. The devices can also be locked down so local users can’t tinker with their settings and potentially open the corporate network to risk. NetScreen says this feature would also be attractive to service providers that might want to offer managed security services.

Both devices can also be configured by non-technical employees via files e-mailed to remote offices and dropped into the device’s configuration wizard. Both boxes also come with anti-virus software.

The Security Client includes five 10/100 Ethernet ports for local devices. It can also be logically divided into two security zones for home offices. One zone would be for work use and would support access to a corporate VPN. The other would be for home use and would be blocked from access to corporate VPNs.

The NetScreen-5GT Extended is based on existing 5GT hardware but includes a high-availability port to connect to a second 5GT Extended so one can take over if the primary box fails. The Extended version also includes a port for a separate, secure network segment that is accessible from the Internet. This demilitarized zone could also be used to support a wireless access point and keep it isolated from the local LAN, preventing unauthorized wireless users from sneaking onto the corporate network.

These new devices fall into a pattern of appliance vendors beefing up what had been VPN/firewall-only equipment with anti-virus, content screening, Layer 7 firewalls and the like. WatchGuard, for example, is expected to announce a new appliance with similar features within the next few weeks. Stay tuned.

The starting price for the NetScreen-Hardware Security Client is $395 with one year of Deep Inspection firewall and anti-virus. The NetScreen-5GT Extended starts at $1,695, anti-virus is additional upgrade.