Secure bought Gauntlet from Network Associates Inc last February, and promised to deliver a firewall that would rival stateful inspection-based products in terms of performance and could become leading edge in terms of application-level functionality.

Once the second most-used firewall in the market, Gauntlet languished during its time at NAI, shedding market share to Check Point and Cisco. Secure, a smaller firewall vendor with fourth-quarter sales of $17.2m, picked it up to push its hybrid firewall agenda.

Last summer, the company also promised to deliver a firewall management system that could scale to hundreds of deployments, an area where Secure lagged behind rivals including NetScreen Technologies Inc and Check Point Software Technologies Ltd.

Secure’s director of product marketing Paul DeBernardi said that the company is now delivering on those promises. The company will this week release a new version of its software, a new high-end firewall appliance, and a new management system.

DeBernardi said the Sidewinder G2 Enterprise Manager is the first firewall management system to be delivered in the form of an appliance, based on Dell kit and a hardened SecureOS Unix that the company claims has never been compromised.

If they look at the new interface, a person who knew GEMS will know GEMS is embedded in this, although it is based on GEMS concepts rather than the software itself, he said. GEMS was the old Gauntlet Enterprise Management System.

The company also claims the appliance is unique in its range of security features. Management messages are SSL-encrypted. There is a built-in certificate authority for authenticating firewalls. Emergency security patches are unlikely, the firm says.

G2 Enterprise Manager comes in 1U and 2U form factors, with the former supporting 10 firewalls and the latter supporting 25, 50 or unlimited firewalls. DeBernardi said Secure has stress-tested the 2U appliance on up to 400 firewalls.

In terms of the end devices themselves, Secure has upgraded the software in its four 1U models and its 2000 2U model, and will release a new four-processor 4U unit that costs $94,900 and is the company’s most scalable device yet.

“From a stateful inspection point of view, we now have the same scalability as our competitors,” DeBernardi said. When acting as a stateful inspection firewall, it can scale up to one million concurrent connections and 15,000 new connections per second.

Phase two of Secure’s integration of Gauntlet’s technology and expertise will come some time in the second half of this year, and will focus on the application layer. While rivals focus on tying VPN functions into their firewalls, Secure is pushing its hybrid firewall strategy, with only token VPN features included.

“We’re rebuilding the [HTTP, email and FTP] proxies with some software that was under development at Gauntlet,” DeBernardi said. He said Secure wants to tackle the port 80 firewall-evading tunnel, which will become crucial as companies roll out web services.

The company is essentially building a SOAP/XML firewall for inclusion in its regular appliances, with the aim of helping companies secure web services applications. SOAP uses port 80, which is usually left wide open in typical firewall configurations.

Check Point, for one, has already made noises in that direction, and almost a dozen smaller companies have started moving appliances purpose-built for filtering traffic based on deep-packet inspection of SOAP traffic, though many also encrypt and sign messages.

This week, Secure will also start using a new branding scheme. The Sidewinder snake is now framed in the Gauntlet shield. The G2 moniker was chosen to imply the Gauntlet brand and next generation technology, and to appeal to defense and military buyers.

Source: Computerwire