3Com is jumping into the unified security business, with branch office and SMB gateways that include enterprise-grade security technology from its TippingPoint subsidiary.

Its new X-Family of unified security platforms features TippingPoint's Digital Vaccine network-based intrusion protection system (IPS), which has NAC (network access control) capabilities that allow it to quarantine infected clients into a separate VLAN, where they can be cleaned up. It adds security services such as VPN, firewall and web content filtering, plus traffic shaping that allows specific traffic - such as VoIP - to be given priority over the VPN.

3Com's European marketing manager Bob Honour claimed that it's the enterprise-class IPS that sets it apart from leading unified security (or UTM - unified threat management) developers such as Fortinet and Sonicwall. He added that the X-Family includes SurfControl's popular technology for blacklisting website and filtering content.

The devices are not part of 3Com's OSN (Open Services Networking) strategy that encourages third-parties to add more services in software, but are "designed for the mid-market that requires VPN, IPS, and so on," Honour said.

He added, "The key thing is if you put voice through, the IPS has to be real-time. A lot of devices don't pass the voice packets through the threat management engine - for example, an IDS (intrusion detection system) generally doesn't look at voice traffic, but there's already been example of malicious code in IP phones, and the VoIP Security Alliance is getting more members."

The X-Family boxes are priced to catch the SMB market, and are very cheap compared to past TippingPoint IPSs. The stand-alone X5 is £433 for 25 users, or £520 for unlimited users, and can handle 18Mbit/s throughput. The larger rack-mount X506 is around £2000 for unlimited users and can process 50Mbit/s. Subscriptions to the Digital Vaccine threat update service add at least £210 a year, 3Com said.

"TippingPoint's main market was the Fortune-500, so it's platforms were fairly expensive," Honour noted. "This is the first product where 3Com has embedded TippingPoint technology into a box suitable for SMBs and resellers who sell to SMBs."

He said that it should also appeal to large enterprises for branch office security, because the devices can be centrally managed and controlled, with access policies pushed out from a main console. In addition it supports IP multicast routing and dual-box deployment for high availability, he noted.