3Com Enhances Network Security
The Santa Clara, Calif., company and rival Cisco Systems Inc. are both executing strategies to deliver security as an integral part of the network fabric. But 3Com officials assert that 3Coms approach is a more "practical" and "layered" one that allows customers to "match the level of sophistication they need where they need it."
Included in the latest round of security enhancements, which follow an October release of 3Coms firewall, is the ability in the SuperStack 3 Switch 4400 wiring closet switch to authenticate every user on the network using 802.1x network log-in. That support is integrated with 3Coms Network Supervisor Advanced Package management software, allowing administrators to identify and track each user. Such capability can be used to help speed problem resolution as well as identify hackers.
The Network Supervisor Advanced Package, which can discover and then graphically map and display network links and IP devices, was also enhanced with the ability to identify RADIUS servers and highlight authentication problems. As end users log on and off, they appear and disappear in real time on the network maps. 3Com also added network views by virtual LAN and the ability to schedule management tasks such as device configuration backups and software agent updates.
The SuperStack 3 Firewall, which already includes virtual private networking for up to 1,000 remote users, adds support for Microsoft standard VPN clients running on Windows 2000 and Windows XP. Such support eliminates the requirement to pay for a separate VPN license and to install VPN clients on end-user desktops or notebooks.
The firewall already supports the free Safenet VPN client and Layer 2 Tunnel Protocol clients, which are native in Windows XP. "We can terminate those clients as well as traditional IPSec clients," said a 3Com official.
The SuperStack 3 Firewall also gained the ability to create two separate networks within a single firewall, support for WAN bandwidth prioritization that can be set by time of day or by application, Web-based firewall configuration using Secure Socket Layers encryption instead of a VPN tunnel, and an internal authentication database that supports up to 100 users.
All of the enhancements are available now.