The first two products in the SecureIron range are the SecureIron Security Traffic Manager and the SecureIron LAN Switch. Bob Schiff, VP of product marketing at the San Jose, California-based company, said the first is designed to sit anywhere a firewall or IPS device can, i.e. behind a LAN switch or WAN router, or in front of a firewall, and offload some of the traditional security functionality off the firewall or IPS system.
Foundry is positioning this box to complement existing security infrastructure rather than replace it, extending the life of customers’ existing equipment by taking off some of the load. In the case of an application firewall, for instance, we can take care of the DoS protection, anti-spam and anti-virus, and even carry out load-balancing across several app FWs, giving them more headroom, Schiff said. For IPS systems, we can support a clustered IPS environment with load-balancing, though we can also offer the product as IPS in its own right.
The Traffic Manager comes in two models with different capacities: the 100, supporting up to 1 million concurrent bi-directional flows and protecting against up to 1.2 million SYN attacks per second, with a list price of $14,295; and the 300, for 3 million concurrent flows and protection against 3.6 million SYN attacks per second, with a list price of $21,995. The bigger box is capable of multi-gigabit L4 protection, whereas the smaller guarantees only wire-speed gigabit.
Schiff said the need for this product comes from the growth of throughput on corporate networks. Load-balancing firewalls was fashionable when they couldn’t handle anything more than Fast Ethernet and backbones were already at GbE, he said. Now they’re handling GbE but networks as a whole are going beyond that.
The logic behind the marketing as a complement to existing FW and IPS infrastructure is, at least in part, to ease the product’s introduction into Foundry’s channel. A lot of our channel partners will probably have other vendors’ products in this space, so we need to define how best to position our stuff, Schiff said.
The second security product is the SecureIron LAN Switch. Here the competitive nature of the offering is unavoidable, in that it’s a LAN switch with built-in IPS, suited for the small workgroup or branch office market. We’re launching the first LAN switch with IPS, AS and AV built in, said Schiff, acknowledging however that an ISR from Cisco can be fitted with its IPS module, and as such represents a competitor.
The competition will be on price as well as the convenience of getting all the functionality by default. The SecureIronLS range comprises six models, three of them in the SecureIronLS 100 family and three in the 300 family. Each family has one 48-port, 10/100 Ethernet plus two GbE ports for uplink, plus two 32-port boxes, offering 32 ports of 100/1000 copper connectivity and, in one case, two GbE ports and, in the other, two 10GbE ports. List prices go from $16,495 for the SecureIronLS 100-4802 to $32,995 for the SecureIronLS 300-32GC10G.
Schiff said the SecureIron portfolio of products will be on general availablity in August, at which point the company will announce partners in AV, AS are URL blacklist services. We’ve previously offered security features on our ServerIron appliances for the data center, such as SSL VPNs and web acceleration, he said, revealing that Foundry plans to add SSL encryption to the SecureIron range by the end of this year.
