Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Secure Routing: Branch Gateway Includes Security, VoIP

Colorado Springs, Colo. — NetDevices Inc. will launch a gateway platform for branch offices this week that combines local and intersystem routing functions with security and voice-over-Internet Protocol duties. NetDevices hopes to subsume many firewall and intrusion-prevention functions in a platform priced at enterprise-router levels — $15,000 for the baseline configuration of the SG-8 Unified Services Gateway.

The SG-8 can serve as a Session Initiation Protocol (SIP) application gateway with quality-of-service shaping. Rob Haragan, co-founder and vice president of engineering, said NetDevices is betting that many sites that originally used soft switches based on the Media Gateway Control Protocol will "slim down" their VoIP support using a SIP gateway.

Two-year-old NetDevices, founded by veterans of Cisco, Redback Networks and Sonus Networks, employs more than 130, divided among sites in Sunnyvale, Calif., and the Indian cities of Bangalore and Hyderabad. The latter locations were critical in developing a proprietary Linux-based operating system, dubbed ModuLive, and a management system that monitors network performance independently of both the control plane and data plane.

The foundation for the 3U chassis of the SG-8 was an architecture that uses a custom services engine in which all packet operations take place in a single pass. Unlike many security appliances for intrusion prevention or virtual-private-network creation, the SG-8 performs firewall and IPsec decryption functions first. Back-end security functions, such as Web filtering and intrusion detection, take place via extraction and normalization of URLs to a common information base. Layer 3 routing takes place last, only after all security functions have been performed.

NetDevices has borrowed concepts from fault-tolerant operating environments like the Tandem Computers NonStop system to place multiple, independent services within separate user spaces on top of the Linux kernel. Individual software modules for routing, firewall, switching and other functions can be started and stopped independently.

  • 1