Nortel and Symantec have teamed up for application switching.
L4-L7 switching, or application switching, combines both app availability and performance management with security, all based on deep packet inspection to determine whether traffic is noxious and should therefore be blocked, and if not, with what level of priority it should be treated. Voice will be given preferential treatment over email, for instance.
Nortel has been in this business since its $7.3 billion acquisition of Alteon WebSystems in 2000, with a five-member product family called the Nortel Application Switches. The Application Switch OS on which they all run is now moving from release 23.0 to 23.1.
Customers on maintenance contracts will get the upgrade automatically, but they must also be running Nortel’s Intelligent Traffic Management capability on the box. After that, the Symantec capability, which provides signature updates on an automatic or alert basis, can be turned on via a software key.
There is clearly a trend for security functionality to find its way onto networking gear, often replacing dedicated security appliances. As to the competitive environment into which this offering will be launched, Nortel goes up against the likes of Cisco, F5, Radware and Foundry in application switching, none of whom are offering an IDS/IPS service like this one, according to Paul Compton, Nortel’s EMEA product marketing manager.
Foundry offers intrusion-prevention on its SecureIron product family, but it is not tied in with a signature-based service like Symantec’s. Cisco has an IDS/IPS blade for its Catalyst switches and, with the recent announcement of the Application Control Engine, its flagship L2-L3 devices are in many ways taking over a lot of what has until now been the CSS’s functionality.
Equally ISS, another IDS/IPS heavyweight, recently unveiled a deal with another networking vendor, Extreme, whereby its Proventia Intrusion Prevention System will talk via a jointly developed API to Extreme devices running its XOS operating system.
Again, these are mainstream L2-L4 devices rather than app switches, and Mr Compton said that what makes the Nortel/Symantec offering unique is that it leverages the inherent deep-packet inspection capability of the Nortel boxes as well as using the Symantec signatures.