Part 1: How to Set Up a Linux-Based Firewall for a SOHO
part 1 of a 3-part series
April 30, 2001
By John R. Vacca
Packet-Filtering Firewalls and Policy-Based Routing
If you feel the need for speed, look to Asita Technologies, which makes one of the fastest pieces of hardware in the VPN world. In January 2000, the company launched a family of VPN boxes called LineSpeed that supports IPSec (IP Security) VPNs, packet-filtering firewalls, and policy-based routing that helps ensure quality-of-service levels for designated applications or user groups.
Following quickly on that announcement, the company has now started shipping LineSpeed GS2, a modular chassis that supports IPSec VPNs at up to 2 Gbps. It also supports a range of other features, including firewalling, load balancing, content checking, URL checking, intrusion detection, denial-of-service detection, antivirus protection, and policy routing and management. This comes less than two months after Cisco Systems and NetScreen Technologies announced their 1-Gbps SOHO firewalls that actually outstrip the VPN speed of their equipment.
The Asita box achieves its speed via hardware cards, each of which can support a different application. So, for instance, a GS2 might have one module that performs IPSec VPN functions and a separate card that supports an antivirus application. Different applications can be added to other modules. Asita has some of these applications ready to roll, and the company is working with partners to develop others.
The chassis itself has a 64-Gbps backplane to handle the movement of packets among the hardware modules at line speed. This modular approach to network security should be attractive to the biggest enterprises, which are likely to have large numbers of VPN users. Because it is modular, customers can grow the system as needed, rather than investing in an initially oversized system and then trying to grow into it.
Asita's offering also is large enough for service providers to use. It has the ability to partition customer traffic via virtual routers within the GS2. The box ranges in price from $86,000 to $486,000 and is available now.
John Vacca is an information technology consultant and internationally known author based in Pomeroy, Ohio. He can be reached on the Internet at jvacca@hti.net.