NetScreen 5000 series boosts network speed

Firewall and virtual private network (VPN) vendor NetScreen has announced two new appliances, the NetScreen 5200 and NetScreen...

Firewall and virtual private network (VPN) vendor NetScreen has announced two new appliances, the NetScreen 5200 and NetScreen 5400.

The devices, built around NetScreen's new GigaScreen II ASIC (Application-Specific Integrated Circuit), can handle up to 12Gbits per second of firewall traffic and up to 6Gbps of VPN traffic, NetScreen claims. The 5000 series is aimed at very large enterprises, carriers and service providers, said Jeff Wenker, public relations manager for NetScreen.

Both devices can perform packet and content inspection on standard size and small packets, the kind of packets used in Voice over IP and other applications, Wenker said. Other firewall/VPN devices take a substantial performance hit when doing small packet inspection, but, thanks to the GigaScreen II, the NetScreen 5000 series devices perform faster, he said.

The 5200, which is immediately available worldwide, offers up to 8 Gigabit Ethernet ports or 2 Gigabit Ethernet and 24 Fast Ethernet ports, Wenker said. The device is 2U high (approximately 9 cm or about 3.5 inches) and offers up to 4Gbps firewall throughput and up to 2Gbps VPN performance, he said. The device costs $99,000 (£68,918).

The 5400 will be available in the third quarter of 2002 and will offer up to 78 Gigabit and Fast Ethernet ports, Wenker said. The 5U high device boasts up to 12Gbps firewall speeds and up to 6Gbps VPN throughput but has not yet been priced.

Both devices can be managed through either a Web-based management console or a command line interface. Support for the devices will be added to the company's enterprise-class management console Global Pro at the beginning of the summer.

The heart of the 5000 series boxes is the GigaScreen II ASIC, Wenker said. The GigaScreen II is the third ASIC created by NetScreen since it was founded and is "a full-blown security processor," he said. Instead of having security co-processors and accelerators as have been used in the past, the GigaScreen II can have all traffic routed through it, rather than through a device's CPU where the packet processing will take place, he said.

The ASIC can be scaled using multiple chips, with each individual chip offering 2Gbps of firewall processing and 1Gbps of VPN power. Wenker expects that the GigaScreen II will be able to drive NetScreen's product line for a few years.

Read more on Networking hardware