• United States
Executive Editor

SonicWall gets into the intrusion prevention game

Feb 26, 20042 mins
Intrusion Detection SoftwareNetwork Security

* SonicWall is latest to add intrusion prevention to gear

SonicWall is adding intrusion prevention capabilities to its IPSec VPN and firewall appliances, following what seems to be an irrevocable trend.

By mid year the company will introduce a new service that is supported by SonicWall’s entire product line, which ranges from SOHO boxes to 1G-bit/sec gear for large corporate sites. Customers sign up for the service and then SonicWall pushes an intrusion signature library to the devices. The library is updated as new attacks are identified.  The service ranges from $500 to $1,500 per year per device, depending on the throughput of the appliance.

Other vendors, notably Check Point, NetScreen and Fortinet, are adding intrusion prevention to their technology. Admittedly, there are variations among what they offer, but each is adding protection beyond traditional firewalls.

If SonicWall customers want this technology – which they will demonstrate by buying it – it would mean that the discussion of this technology and its benefits have penetrated to mainstream businesses. SonicWall defines its customers as mainstream adopters of new technology, not bleeding edge, cutting edge or early adopters. They also tend to be the customers without dedicated security staff, but who nonetheless have significant security concerns.

Apparently, SonicWall thought of this a while ago when it started shipping hardware with more horsepower than was needed for the applications that were then available to run on it. The processing headroom was designed in to allow intrusion protection in particular.

The company says it plans to add more security applications to its appliances down the road, so customers should think of them as expandable devices. You buy the platform once and probably pay more for it than you would for a device that would do just, say, firewall, VPN and anti-virus. For an incremental fee, you can add more functions later as they become available. That, the company says, is less expensive and less disruptive in the long run.

If that is the type of gear you want, realize that now there are several vendors doing this.