|
Appliances
Dedicated or UTM
Although UTM appliances offer a unified solution that protects
a company's network and systems from a variety of attacks, standalone appliances
are better suited for the large enterprise. Both options have their merits,
writes Dominic K.
Security appliances are dedicated pieces of hardware that handle security functions.
These range from compact, plug-and-play desktop appliances for the SMB to modular
gigabit-spec appliances for large enterprises.
Appliances for specific functions such as anti-virus, anti-spam, firewall, intrusion
detection and prevention are available. There are also unified threat management
(UTM) appliances that combine these functions into a single device which is
well-suited for the needs of a large enterprise’s branch office or an SMB.
With respect to SSL VPN support, an appliance should be a plug-n-play solution
to reduce complexity. It should offer secure LAN, intranet, as well as remote
access for employees, business partners, and customers based on policies defined
by network and system administrators.
Apart from predefined configurations, an appliance should be able to accept
policies defined by the network administrator. Most solutions offer automatic
updates and free subscription periods varying from three months to a year.
One for all
Going in for dedicated, single function security appliances obviously mandates
a requirement for more rack space in a data centre. Over and above this it will
entail bigger expenditure and be a management problem of greater complexity.
However, single function appliances are highly-scalable and they may be the
only way out when you want to support thousands of users with hundreds of concurrent
logins (for e.g. a VPN concentrator for a large enterprise with thousands of
remote users).
UTM appliances solve many of the above problems for SMBs or even branch office
deployments in large enterprises.
As the name suggests, UTM appliances combine functionalities such as firewall,
gateway anti-virus, anti-spam, as well as intrusion detection and prevention
along with content-filtering capabilities onto a single hardware platform.
Factors to consider
The primary decision to be made is whether your organisation needs dedicated
security appliances or a unified solution.
Thereafter, interoperability between network devices should be the factor to
be checked. If the deployed components do not work well together, then incident
resolution and sometimes even determining where the fault lies may be difficult,
if not impossible.
It is important to check on the availability of physical ports on the appliance
as it will have to be connected with other network and system components. As
many companies opt for VPN for secure communication, a UTM appliance should
be checked for the kind of compatibility it offers as well as the effective
VPN throughputs which should be sized higher than what is required by systems
that are currently deployed in the organisation.
If the product also acts as a VPN appliance, then it should also protect remote
offices and telecommuting users. The number of concurrent users that the appliance
can handle without overloading or hanging has to be checked.
When considering UTM appliances it will be wise to think of factors such as
performance of every module in the appliance. Individual modules may not be
best in class when compared to deployment of that function separately (e.g.,
a UTM appliances firewall module may not match the performance of a standalone
firewall).
Some UTM appliances cannot be upgraded. This is something to keep an eye out
for. The product should also offer dedicated dual ISP ports so that it can fail
over from one to the other in case the primary link goes down.
SMBs can go for a UTM appliance with only certain features being enabled. The
remaining features can be switched on based on the need and demand.
| |
Product
|
Features
|
Price
|
Contact
|
|
|
Cisco ASA 5500 Series
|
This adaptive security appliance
modular platform provides security and VPN services. Its enterprise editions
include firewall, IPS, Anti-X and VPN versions. The firewall edition enables
businesses to securely deploy mission-critical applications and networks.
The IPS edition protects servers and network infrastructure from worms,
crackers, and other threats through a combination of firewall, application
security, and IPS. The Anti-X edition provides a comprehensive package of
security services to users at small or remote sites. The VPN edition enables
secure, remote user access to internal network systems and services. It
also supports VPN clustering for larger enterprise deployments. |
Ranges from Rs. 36,000 to
Rs. 12,00,000 |
Person: Diwakar Dayal
Telephone: 80 22077000
E-mail: diwakar.dayal @datacraft-asia.com Website: cisco.com |
 |
Elitecore Technologies’
Cyberoam
|
The CR 50i,
CR 100i, CR 250i, CR 500i, CR 1000i and CR 1500i appliances
suit the requirements of enterprises with 50 to 1,500 users.
Threats covered include spyware, phishing, pharming, viruses,
worms and Trojans. Content-filtering, firewall, VPN, anti-virus,
and anti-spam are integrated to provide comprehensive security.
In addition, bandwidth management and the multi-link manager
enhance productivity. It supports IPsec, PPTP, and L2TP, various
forms of encryption (3DES, DES, MD5) and denial of service attack
prevention. The appliances provide for at least 4,000 intrusion
detection signatures and come with a customisable detection
signature list. |
For CR 100i: Rs. 1,75,000 |
Person: Digvijaysinh Chudasama
Telephone: 79 26405600 / 98106 18871
E-mail: sales@cyberoam.com
Website: cyberoam.com |
|
|
Fortinet’s FortiGate
5000 |
Designed for network, edge
or core deployments in large enterprises, carriers and MSSPs, the FortiGate-5000
family delivers complete content protection on a platform that can scale
from two to 14 blades in a single chassis. It consists of three chassis
models—the two-slot FortiGate-5020, five-slot FortiGate-5050, and 14-slot
FortiGate-5140—each of which are populated with FortiGate-5001 blades
that provide security functions and/or FortiGate-5003 blades that provide
high availability clustering functions.
The FortiGate 5001 blade provides complete network security services, including
firewall, VPN, anti-virus, intrusion prevention, anti-spam, Web content-filtering,
and traffic-shaping, with a throughput of up to three Gbps for firewall,
600 Mbps for 3DES IPSec VPN, 400 Mbps for IPS and 200 Mbps for anti-virus
scanning.
In addition, the family scales from a 3 Gbps Firewall to over 42 Gbps in
the case of the FortiGate-5140. By combining multiple security functions
into an ASIC-accelerated security platform, Fortinet is trying to offer
customers lower capital and operational expenditures when compared to multiple
vendors’ point products. Chassis features include hot-swappable blades,
power supplies and fans, DC input power for battery operation, and a shelf
management interface to monitor and control environmental and power parameters.
|
Rs. 20 lakh to 30 lakh |
Person: Vishak Raman
Telephone: 80 25325800
E-mail: vraman@fortinet.com
Website: fortinet.com |
|
|
GajShield’s UTM
Appliances |
It offers protection from
denial of service, distributed denial of service and SYN flood attacks and
probes at the network perimeter. It provides network protection by means
of an integrated approach by utilising multiple technologies such as an
ICSA-certified stateful inspection firewall, IPS, a virtual private gateway
that allows it to use site-to-site or client-to-site VPN supporting a variety
of industry standard IPSec, L2TP, PPTP connection protocols and encryption
standards. |
Ranges from Rs. 40,000 -
8 lakh |
Person: Nayan Thakkar
Telephone: 98673 24507
E-mail: nayan@gajshield.com
Website: gajshield.com |
|
|
SecureSynergy’s
SnapGear |
This Internet appliance
is ICSA-certified. It can be deployed as a firewall, a VPN gateway, a UTM
appliance, or as an office network-in-a-box security appliance for small
businesses. At the same time it has all the wide-area networking tools needed
to serve a large enterprise’s remote offices.
It can also be used to network all the PCs in an office into a LAN without
switches, DHCP servers and so on. Snapgear incorporates wide-area networking
tools normally available only in enterprise-class devices. |
Starts at Rs. 40,000 per
appliance |
Person: Anita Kukreja
Telephone: 22 28251241
E-mail: info@securesynergy.com
Website: securesynergy.com |
|
|
SonicWALL PRO 5060 |
The PRO 5060 features a
gateway anti-virus, anti-spyware and intrusion prevention system, 802.1q
virtual LAN and real-time blacklist spam-filtering. It supports the Open
Shortest First Path and Router Information Protocol protocols. It also supports
content-filtering and comes with a packet inspection firewall and has integrated
wireless LAN services. It takes care of link failure and load-balancing
and offers Object/Policy-based Management. |
Rs. 8,18,028 plus taxes |
Person:Shubha Prasanna
Telephone: 80 22275308
E-mail: sprasanna @sonicwall.com
Website: sonicwall.com |
|
|
WatchGuard Technologies’
Firebox X 8500e-F |
It provides firewall throughput
of 2.0 Gbps and VPN throughput of 600 Mbps featuring both a stateful packet
and a deep application inspection firewall. It offers protocol anomaly detection
and behavioural analysis. It also offers pattern matching and fragmented
packet reassembly protection. Some of its optional features include spamBlocker,
gateway AV/IPS, WebBlocker URL-filtering and vulnerability assessment. |
Basic Rs. 7,91,340 (excluding
the taxes) |
Person: Ajit Pillai
Telephone: 22 25215657 / 98202 82920
E-mail: Ajit.Pillai @watchguard.com
Website: watchguard.com |
| |
Product
|
Features
|
Price
|
Contact
|
 |
McAfee’s SIG-3100
|
It blocks spyware, phishing,
and known viruses. It can be managed using a built-in browser-based system
or McAfee ePolicy Orchestrator for single-console control, management and
reporting. |
Rs. 2,39,900 |
Person: Terence Gomes
Telephone: 22 66935278
E-mail: Terence_Gomes @McAfee.com
Website: mcafee.com |
|
|
Sophos’ ES4000 E-mail
Security Appliance |
It protects enterprise e-mail
networks. Its threat detection technology protects against viruses, spyware,
Trojans, spam and evolving e-mail-borne threats. It has built-in redundancy
and system maintenance is automatic as it communicates with Sophos every
five minutes, automatically receiving anti-virus and anti-spam updates and
reports on the hardware status. Optional remote assistance is available
via a secure connection. |
Rs. 6 lakh |
Person: Vinod Kumar
Telephone: 022 67911040
E-mail: vinod @satcominfotech.com
Website: sophos.com |
|
|
Stonesoft’s Stonegate
IPS’ SGI-200C |
It combines an IPS sensor
with an analyser. It is designed for customers who need a single sensor
on a location or want to minimise log traffic to a central log server. The
SGI-200C is suitable for network segments that have less than 400 Mbps of
traffic. It is used in conjunction with the StoneGate Management Centre. |
Rs. 18 lakh |
Person: Manoj Taskar
Telephone: 98211 75546
E-mail: manoj.taskar @stonesoft.com
Website: stonesoft.com |
|
|
Symantec Mail Security
8200 Series |
It protects against critical
e-mail security threats, including spam, viruses, phishing, directory harvest
attacks, denial of service attacks, inbound and outbound content compliance,
and maintains message integrity. It is supported by Symantec Brightmail
Anti-Spam and Symantec Anti-Virus technologies for spam and virus protection.
|
Rs. 3 lakh (For Product No.
SMS 8260) |
Person: Deenu Mathew
Telephone: 93412 86008
E-mail: Deenu.m @ingrammicro.co.in
Website: symantec.com |
|
|
Trend Micro’s Interscan
Web security |
It acts as a first line of
defence against threats like spyware, grayware, viruses, and phishing. It
can trigger automatic agentless end-point cleanup in collaboration with
Trend Micro Damage Cleanup Services. It also provides malware detection
and blocking, URL-filtering and anti-phishing. |
Rs. 3 lakh onwards |
Contact: Parshuram
Telephone: 11 42699006
E-mail: sales.in @trendmicro.com
Website: trendmicro.com |
| |
Product
|
Features
|
Price
|
Contact
|
 |
CiscoVPN 3000 Series |
It offers remote-access via
VPN for remote deployments. It provides both IPSec- and SSL-based VPN connectivity
on a single platform. New features in Cisco VPN 3000 Concentrator Software
v4.7 deliver application access, end-point security, data integrity protection,
infrastructure access, and network compliance validation controls. The Cisco
Secure Desktop component supports preconnection security posture assessment
and a consistent mechanism for eliminating all traces of sensitive data.
Integrated Web-based management on Cisco VPN 3000 Series concentrators provides
a simple interface to configure and monitor all remote-access users, providing
manageability across both IPSec and SSL VPN environments. |
Ranges from Rs. 60,000
to Rs. 21,00,000 |
Person:Diwakar Dayal
Telephone: 80 22077000
E-mail: diwakar.dayal @datacraft-asia.com
Website: cisco.com |
| |
Product
|
Features
|
Price
|
Contact
|
 |
Aventail’s
EX-1600 |
It incorporates patent-pending
Aventail Smart Tunnelling technology for controlled and secure access to
enterprise applications, letting it replace IPSec VPNs. It delivers transparent
clientless access to Web and client/server applications, traversal of firewalls
and handling of Network Address Translation issues, without requiring IP
address pools. It has Aventail End-Point Control with client integrity-checking
capabilities to protect against malware and threats, delivers data protection
through Aventail Cache Control and Aventail Secure Desktop. |
Rs. 4,99,000 |
Person: Ravi Karempudi
Telephone: 92434 74402
E-mail: Ravi.Karempudi @Select-Technologies.net
Website: aventail.com |
 |
F5 Networks’ FirePass |
It provides secure remote
access to corporate applications and data through a Web browser. It prevents
infected PCs, hosts or users from connecting to the network. It offers automatic
re-routing for infected PCs, reduces help desk calls and protects sensitive
data from keystroke loggers and other malicious programs. |
Rs. 4,65,125 to 5,115,275 |
Person: Sameer Chaukar
Telephone: 22 67032167 / 98202 95286
E-mail: s.chaukar@f5.com
Website: f5.com |
 |
HCL InfoSecuAccess |
The InfoSecuAccess enables
secure access over an Internet link to internal applications such as e-mail,
terminal server, and intranet and extranet from anywhere on any device.
The user can connect to HCL InfoSecuAccess from any Web or WAP browser.
It is designed to enable enterprises to take advantage of the ubiquity of
SSL browsers, while maintaining network integrity. Its key points include
integrated authentication, end-point security, single point of administration
and access control. |
Rs. 80,000 (taxes extra) |
Person: R Ravi
Telephone: 120 2520977 / 8
E-mail: infoserve@hcl.in
Website: hclinfosystems.in / hcl.in |
 |
NeoAccel’s SSL VPN–Plus
|
It supports up to 10,000
concurrent users and near wire-speed throughput with low latency. It offers
full network extender support for Mac OS X, Windows, and Linux. It supports
industry standard 2-factor authentication, VoIP, Web-based access and a
Java client.
It supports Web-enabled, one-click administration to manage, monitor and
modify gateway configurations. An administrator can allot or change user
privileges, perform user administration, define policies and set up complex
rules for enhanced access control. |
Starts from Rs. 1,40,000
for 10 concurrent tunnels |
Person: Darshana Jambhale
Telephone: 22 2783 0195 / 96
E-mail: darshana.jambhale@neoaccel.com
Website: neoaccel.com |
 |
SonicWALL
SSL-VPN 2000 |
It offers integration with
any firewall product and also offers concurrent tunnels. It supports clientless
wired and wireless connectivity, granular policy configuration controls
and personalised portal experience. |
Rs. 1,70,748 plus taxes |
Person: Shubha Prasanna
Telephone: 80 22275308
E-mail: sprasanna@sonicwall.com
Website: sonicwall.com |
| |
Product
|
Features
|
Price
|
Contact
|
 |
RSA SecurID SID800 authenticator
|
The company claims that
the SID800 token delivers security, mobility and reliability associated
with the flagship RSA SecurID tokens, while expanding credential support
and user flexibility. With an integrated USB connector, the token enables
users to harness the security of two-factor authentication, whether working
in a connected or disconnected environment. Desktop software, which can
be installed remotely, ensures tight integration with the logon procedures
for the Microsoft Windows operating system including RSA SecurID one-time-passwords,
digital certificates and username/password combinations.
Its key points include; token used as the authentication credential storage
device for RSA Sign-On Manager, and a secure enterprise access solution
that combines strong authentication with single sign-on.
By integrating a 64k smart chip, it enables users to store up to seven digital
certificates and three sets of password credentials, which can be used to
log on to a Microsoft Windows operating system. |
Rs. 99,000 – 1,25,000
for 10 users of the tokens plus the authentication manager software and
maintenance |
Person: Seema Ansari
Telephone: 22 26570360
E-mail: sansari@rsasecurity.com
Website: rsasecurity.com |
|
|
VASCO’s Digipass
for WEB |
VASCO’s Digipass for
WEB is a software solution that runs on a Web server supporting user authentication,
transaction signing and document signing. It does not require software installation
on the end-user’s computer and the product can be upgraded to a hardware
Digipass. |
Rs. 64,424 |
Person: Mehraze Medhora
Telephone: 22 28790310
E-mail: info@vasco.com
Website: vasco.com |
|
