3Com is to integrate intrusion prevention technology from its TippingPoint subsidiary into networking gear from its H3C division in an attempt to deliver streamlined secure networks at less cost and power consumption.
The company has kicked off its initiative with appliances and switch modules based on VPN technology from H3C. Early next year it will start introducing blades with the TippingPoint IPS for its modular networking products, according to Gary Kinghorn, product marketing manager for security at 3Com. Also beginning next year, the company will build a single management platform from TippingPoint's Security Management System (SMS) and H3C's Intelligent Management Center (IMC) software.
H3C began in 2003 as a joint venture between 3Com and Chinese networking giant Huawei Technologies, focused on giving Huawei a way into the U.S. market and giving 3Com a stronger enterprise lineup. Long overshadowed by Cisco, 3Com had retreated from the large enterprise market to aim solely at small and medium-sized businesses, where the company's original brand is still focused. 3Com bought out Huawei's portion of H3C in 2007, but the company still develops and builds products in China.
3Com began talking about integrating TippingPoint's intrusion prevention smarts into its network gear soon after it bought the company for US$430 million in 2004. It even brought those elements together in a set of products based on 3Com's SMB gear. But it took time for enterprises to embrace the concept and for network equipment to be able to support such functions, said John Vincenzo, 3Com's vice president of corporate marketing.
Cisco Systems and Juniper Networks have been pushing the integration of higher level functions such as security into the network infrastructure for the past few years.
On Monday, 3Com introduced the H3C SecPath family of standalone firewall appliances, ranging from the F1000 to the F5000-A5, a chassis seven rack units high that can accommodate several of the appliances. The F5000-A5 can provide line-rate protection for multiple 10Gbit/s connections, and a fully configured rack can perform at 40Gbit/s, Kinghorn said.
The company also rolled out the H3C SecBlade modules, which are designed for integration into the H3C Switch 9500E and 7500E Ethernet chassis devices and the H3C Switch 5820 stackable product family. The modules offer between 6.5Gbit/s and 8Gbit/s performance.
The firewall products are based on the H3C Comware operating system. They can perform stateful packet inspection filtering and let administrators set up multiple zones with separate firewall instances, which 3Com calls "virtual firewalls," so administrators can enforce different rules for employee and guest networks and wired and wireless LANs, according to 3Com. The firewalls can also look inside IPSec VPN tunnels to detect attacks, block specific kinds of traffic and e-mail attachment types, and prioritise traffic based on business policies. 3Com said its products take up less space and consume far less power than those of competitors.