3Com is introducing unified threat management gear for small and midsize enterprises at the Interop show this week. The gear is aimed at customers who want 3Com's TippingPoint security technology, but at a lower scale and price point than has been previously offered, the vendor says.
The 3Com X5 and X506 appliances combine 3Com's VPN and firewall technologies with intrusion prevention/detection systems (IPS/IDS) packet inspection features from its TippingPoint subsidiary. The gear is aimed at SMBs and organizations looking to tightly control traffic flows into and out of a campus network.
The X5 is a desktop device, aimed at small offices with as many as 50 users. The X506 is targeted at larger networks with hundreds or thousands of users and nodes. The X5 supports 18Mbps IDS/IPS and 50 VPN users, while the X506 supports as much as 50Mbps of IDS/IPS traffic and more than 1,000 VPN tunnels. Both boxes perform deep packet inspection to identify and shut down services such as peer-to-peer networking and spyware, using the same IDS/IPS engines as the enterprise-level TippingPoint products.
The X-series devices can also be configured to limit the rate of suspicious traffic, such as packet streams which may be produced by a worm-infected PC or server. The products can use software and services from SurfControl for advanced Web site and URL filtering.
The X506 device is running on the campus network of the Community Unit School District in Collinsville, Ill.The appliance sits in the school's data center, which connects 12 locations connected by fiber, and uplinks to a 25Mmps Internet connection, provided by the state. The school system upgraded to the X506 after its 3Com SuperStack Firewall appliance was put on end-of-life status by the vendor last year.
All traffic leaving and entering the network is scrubbed by the X506, which uses TippingPoint's Digital Vaccine. This helps tame some of the unruly behavior that can happen on a school network with more than 7,000 users.
When the school's technology reseller installed the X506, "they said we had one of the biggest infestations of spyware they had ever seen," says Susan Homes, IS director for the district. "This device helps us clean up the problem by not allowing [spyware] to propagate," through the network.
Initial rollout of the device had some bumps, as unstable beta code in the X506 took the network down a few times; but the issues were resolved within weeks. "Otherwise, we would have yanked the thing out of our network," Homes says.
The Web filtering, traffic monitoring, and bandwidth utilization reports the device provides are also useful, especially at this time of the year, she says.
"We've been watching the amount of video on the network," she says. "It's the end of the school year, and teachers may be less vigilant about what kids are doing on the network. Homes says she is looking forward to a new feature in the X506, due out this summer, which will let administrators drill down to see what individual users are doing on the network, as opposed to just machine IP addresses.
The X5 and X506 compete with low-end and mid-range security devices such as Juniper's NetScreen 25 series, WatchGuard's X750e and Cisco's Pix 501 appliance. The X5 starts at US$1,000 for a 25-user license, and US$1,200 for an unrestricted license. The X506 starts at US$4,000. Digital Vaccine annual services for the X5 and X506 start at US$500 and US$1,300, respectively. Web content filtering for the X5 and X506 costs an extra US$200 and US$700, respectively.