Looking to eliminate the hodgepodge of devices users have to manage in branch offices, many customers are turning to single, multi-function devices known as a "branch in a box" that perform branch-office network functions while being managed remotely.

Branch-in-a-box devices support a core range of tasks and can take the place of four or five devices in offices that may have no permanent IT staff, says Dan Golding, an analyst with the Burton Group who says he coined the name as a product category.

One box can perform in place of a WAN router, Ethernet switch, IP PBX, firewall and other devices, he says. It also can host security applications.

Branch-in-a-box products are not to be confused with office-in-a-box gear, which includes print servers, storage, e-mail servers and other devices intended to support one-office businesses but not meant to be managed centrally as part of a large corporate network with hundreds of branches, Golding says. Vendors in this category are Critical Software, EmergeCore Networks, Right Vision (acquired by Alcatel) and Linksys One.

A range of vendors make branch-in-a-box products, including 3Com, Adtran, Kentrox and NetDevices, a start-up focusing on this type of gear that is unique because it developed its platform specifically to deal with multiple branch-office functions rather than evolving from an existing device, he says. Cisco's branch-in-a-box ISR routers lead the way, Golding says, with more than 500 million units sold since they were introduced 15 months ago. It was Cisco's most successful product launch ever.

Nortel is the most recent industry giant jumping into this area with its $99.5 million purchase last month of Tasman Networks, whose Converged Services Routers support routing, security, QoS and VOIP.

There is also speculation that Juniper is looking into creating its own branch-in-a-box device. "Juniper has not announced anything, but there are rumours flying around, including sightings of experimental boxes that have a combination of the Juniper J-series router and the NetScreen firewall in one box," Golding says.

Juniper says it doesn't comment on future product development.

Cisco's ISR gear stands out not only for its popularity but also for its premium price. ISRs cost 30 percent to 40 percent more than most of the competitors' gear, Golding says. For instance, a Cisco 3825 costs $10,500 to $16,600, while a Tasman (Nortel) 3120 costs $6,400 to $12,900. But for the lower price, customers also get fewer feature options. The Tasman box has no IP PBX support, while the Cisco 3825 supports Cisco's IP Call Manager Express for local call processing.

A strength of these devices is that they are modular, letting customers add features as they need them. For example, UK financial firm Close Motor Finance uses NetDevices SG equipment as a branch-office router at its disaster recovery site in Peterborough. But because the gear also supports security features, Close Motor may roll it out in some of the 22 branch offices its IT department supports. This would be in place of separate Cisco routers and Fortinet security devices.

"It was never economically feasible to have a member of my IT team based in the branches," says Dave Coleman, head of IT for Close Motor, who has eight IT staff. "So it is important that we have as few maintenance and configuration issues as possible." Having fewer devices in each branch translates into fewer maintenance and configuration problems, he says.

Adequate branch staffing is becoming a more common problem as businesses consolidate their servers, bringing them in from branch offices to central data farms, Golding says. As servers move out of branches, so do IT workers who handle the rest of the local network.

Close Motor also is considering a switch to VoIP in its branch offices very soon, says Rob Tomlinson, technical director for Global 20, the technical support company Close Motor uses to outsource some maintenance of its network. He says he likes the modular design of the NetDevices operating software that supports upgrades of the VoIP software without affecting the operation of other functions on the device. "You can restart individual modules without having to reboot and lose the whole machine," he says.

The future of these devices lies in how many features they come to support over time. If Juniper gets into the field it could bring about immediate changes by adding what is recognised as a world-class firewall (NetScreen) and possibly adding WAN optimisation, technology the company acquired when it bought Peribit; last year, Golding says.

The one factor nobody can be sure of is how long this gear can remain trouble-free - an important characteristic for customers. "One thing about branch-in-a-box devices is they're designed to sit out in a branch for three, four, five years, preferably without somebody touching them," Golding says. "You'll have to put them out there for a few years and find out."