November 2009 Archives

What Cost An Enterprise Firewall?

| No Comments
| More
Networking products and services typically have three stages in life - technology, commodity and freebie. Then a slow, lingering death.

In the case of the firewall, the "personal" edition has been - or perceived as being - free for some time, built into the desktop OS or available as a free download from many suppliers, or "thrown in" as part of an AV service, for example. But it hasn't really been offered as a freebie at "Enterprise" level by any of the established security appliance vendors - until now that is.

German-based, born and bred Astaro may not be a familiary name to many in the UK, but this well-establised purveyor of UTM appliances and variations thereof is a big name in its own country and other territories. And it has taken the step that others have shied away from to date, and is now offering a free Enterprise level firewall - what it is calling the "Essential Firewall" version of its ASG product.

This is available worldwide and includes the following "essentials":

  • Networking: Internet Router, Bridging, DNS server & proxy, DynDNS, DHCP server & relay, NTP support, automatic QoS
  • Network Security: Stateful Packet Inspection Firewall & Network Address translation (DNAT/SNAT/Masquerading)
  • Remote Access: PPTP and L2TP over IPSec support (including iPhone support)
  • Logging/Reporting: Full logging on local hard drive, searching, real-time reports for hardware, network usage and network security, daily executive reports
  • Management: Web-based GUI in local languages, setup wizard, configuration backup & restore, administrator notifications, SNMP support, centralized management via Astaro Command Center (also free of charge)
We're hoping not only to find the time to get our hands on this product, but also a number of other planned new products from Astaro in the new year. It will be interesting to see what effect this has on the security appliance market in general, as well as what the likes of IDG and Gartner in the Analyst world make of this move.

It also begs the question: what will become free next? I think the answer is, if you have a few spare PCs/Servers running Linux, then almost everything...

What saves the world from becoming one giant freeware state is that a) many people still are prepared to spend £, $ or € to obtain some "tin" for reassurance and b) they want a product that is properly supported and, again, are prepared to part with some form of currency denomination in order for this to happen. However, in the same way that we all know that bartering - exchange of services and products - takes place in the world at large, so it can be that, at a Linux community level, what has been going on for a few years now at a semi-underground level could become more acceptable mainstream.

Best start entering the lottery...


| No Comments
| More
So it looks like the end of another era - that of 3Com - with the announcement that HP is buying what was once THE shining light of Ethernet(working) for $2.7bn.

Even if the company that the French wonderfully called "twa-com" is a Hank Marvin of its former self, given its recent success in China especially and ongoing popularity in many markets (including several countries within Europe), compared with Avaya shelling out $900m in auction for Nortel's Enterprise division, this looks a conspicuous bargain. Bear in mind that the TippingPoint division alone is worth a considerable percentage of that sum (and would have been worth many billions had it existed at the turn of the decade) with still market-leading IPS technology - something that HP ("ash-pay" in France, to continue the theme) simply does not have - and it does makes a lot of sense for both parties. Well, HP anyway...

At the same time, it could be argued that it doesn't solve all of HP's requirements, as well as creating an interesting dilemma with the parent company's ProCurve division now generating almost as much revenue as 3Com itself has of recent. And there are a lot of cross-over products to rationalise/realign. Of course, as someone who has worked with both vendors on an independent basis for too many years to wish to recall, if you want a bit of advice on this front chaps, I'm always here for you...

While also providing ProCurve specifically with a ready-made router platform, what 3Com may not bring sufficiently to the table, even with H3C, is a full compliment of fully-owned core networking product technology - agreed this is a point of argument and maybe more to do with politics than technology. So, ProCurve itself has part of the story - the 8200 series core switches are worthy products - but there is little else in the locker to sell alongside these from within. Is it reasonable to suggest, then, that - if the H3C element of 3Com is not seen as "heavyweight" enough to beat off Cisco that HP might still be in acquisition mode - someone like Force 10/Turin or even Brocade/Foundry makes enough sense in each case, without getting Extreme about this.

I'll be tuning into the various press/analyst conversations around the subject, as well as being in the middle of a number of projects with ProCurve itself at the moment so - regardez l'espace...

P.S. Continuing the French theme - wine tip number several... With the glut of unsold wines and lots of wineries going bust in France, there are mega bargains to be had, especially if you have the ability to club together and bulk buy direct. So don't spend stupid money in the UK on individual bottles at "regular" prices... Good excuse for a weekend across the Channel as well.

Load-Balancing With That Tyson Feeling

| No Comments
| More

Following David Haye's Goliath-conquering exploits at the weekend it would be no surprise to see Mike Tyson attempt to come out of retirement once again, seeing a heavyweight champion whose head he can actually reach.

But it wouldn't be Tyson actually making the big comeback this week but that Load-Balancing originator that was - and again is - Alteon. Following Radware's, er, rescue of the technology from the ill-fated Nortel, a company that had progressed the original Alteon technology about as much as the Detroit carmakers have improved automobile science since its inception, it'll be fascinating to see if a company that already has its own L-B technology does anything truly significant with its new (overgrown) baby.

In case you're wondering, Radware hasn't simply bought the Alteon customer base to flog its own technology to. You can buy a real updated Alteon product - the 5412 - from Radware. It certainly sounds a step forward though, delivering up to 20Gbps of application switching throughput capacity and up to 340,000 Layer 4 transactions per second. It also has 10GbE ports (four of them) - something that wasn't possible, short of time travel, when the original Alteon product range was launched. Moreover, these are performance figures that the old Nortel-badged incarnation could only dream of (that's Layer 8 Networking, the dream layer...).

And, reading the press release accompanying the launch, it's clear that their marketings guys have been on some kind of dream-enhancement substance:

"As the centrepiece of the new marketing campaign, Alteon's appearance personifies the strengths and evolution of the new, powerful Alteon product line, as he combats his evil network archenemies, Bottleneck, Outage, Disconnect, and Disarray - from their destructive network rampage. This sinister IT world, plagued with darkness, has slowed down application networking performance - requiring a hero to be summoned to fight network downtime and deliver super fast performance to the online world. This hero must be brave, powerful, and highly skilled... this hero must be Alteon."

Take a look for yourself, if you don't believe me: Visit:

Well, at least it beats shots of metal boxes and LEDs and dull talk of ROI, business benefits and rubbish like that... I mean IT's all about entertainment, right?

Have you entered our awards yet?


-- Advertisement --