Cisco adds security to 6500 switch line

Cisco has claimed that a series of security hardware modules for its Catalyst 6500 Series of switches would enable enterprises to...

Cisco has claimed that a series of security hardware modules for its Catalyst 6500 Series of switches would enable enterprises to secure their network traffic at higher performance and avoid proliferation of devices.

The modules perform the same functions as existing Cisco security products, but at higher performance because they take advantage of the Catalyst 6500 Series, according to Tom Russell, director of product marketing in Cisco's VPN and Security group.

The Catalyst 6500 is one of Cisco's main chassis-based switch platforms for enterprises and service providers. The security modules can be deployed in the Cisco 7600 Series router.

Because enterprise networks have an increasing number of connections to the outside world, and each department may need its own security policies, it makes sense to deploy security at switches within the network as well as in devices at the edge, Russell said.

He claimed that the switch modules cost less than standalone devices.

The line-up includes a VPN (virtual private network) Services Module and a Network Analysis Module, available now, as well as a Firewall Services Module and an SSL (Secure Sockets Layer) Module available next month.

The latest security modules offer more benefit than some earlier Cisco modules that could be plugged into switch backplanes, as these are truly integrated and can be managed through the same interface as the rest of the switch.

The VPN module can encrypt and decrypt traffic with 3DES (Triple Data Encryption Standard) technology at 1.9G bps (bits per second) and provide 8,000 concurrent VPN tunnels, using the IPSec (Internet Protocol Security) standard. At that level of performance, it can handle VPNs between enterprise campuses as well as for remote users on dial-up and broadband. It is priced at $35,000 (£23,194).

The Network Analysis Module, NAM-2, provides roughly double the throughput of an existing module for the Catalyst line, the NAM-1. The NAM-2 can monitor traffic at rates as high as 1Gbps to help administrators detect network problems and better use resources. The NAM-1 and NAM-2 are priced at $17,995 (£11,757) and $29,995 (£19,597) respectively.

The Firewall Services Module brings the functions of Cisco's Pix Firewall to the switch platform along with an increase in performance from the stand-alone versions. It can secure traffic at throughput rates up to 4Gbps, over as many as 100,000 connections per second.

As many as four of the firewall modules can be deployed in one Catalyst 6500 chassis, and one chassis with multiple firewall modules can be used as a high-performance security platform. It will be priced at $34,995 (£22,864).

The SSL Services Module can encrypt and decrypt traffic using SSL at speeds up to 300Mbps, supporting as many as 2,500 connections per second. A typical deployment would be to offload security functions from an e-commerce server behind the Catalyst 6500, Russell said. The module will cost $29,995 (£19,597).

Read more on IT risk management