The new device features IPS technology and firewall, Web filtering technology and VPN (virtual private networking). It also has bandwidth allocation features that can suppress noisy applications, like peer-to-peer programs, and prioritize other critical applications, like VOIP (voice over IP).
3Com hopes the X505 will appeal to customers who want top-notch protection against unknown threats, along with other security functions, in a single device, according to Jason Wright, product marketing manager at 3Coms TippingPoint division. The device is 3Coms first entry into the fast-growing market for multifunction security appliances.
The X505 is the first product developed jointly by 3Com and the TippingPoint division since the acquisition of that company in January, 3Com said. The X505 incorporates features from an integrated security appliance with firewall, VPN and QOS (quality of service) features that was in the works before the TippingPoint acquisition. The appliances Web filtering technology is from Surfcontrol Inc., Wright said.
"We made some tweaks and adjustments, in addition to adding the IPS and a new platform," he said.
The X505 puts IPS at the center of the new appliance, which distinguishes it from other integrated security appliances by Cisco Systems Inc. and Internet Security Systems, he said.
Using a concept called "security zones," customers can isolate as well as combine security features on the device to optimize inspection of different kinds of network traffic, Wright said.
For example, customers can combine the traffic-shaping feature with the IPS detection to inspect VPN traffic and prevent worms from spreading between remote offices or home offices and the corporate LAN over a VPN tunnel, 3Com said.
The East Grand Rapids Public Schools District in Michigan is using the new X505 appliance to replace three separate network devices: a switch, firewall and IDS (intrusion detection system) sensor, said Jeff Crawford, manager of networking and security for the 3,000-student school district.
East Grand Rapids has been using the X505 since the end of September to block external attacks on the schools network and prevent unauthorized activities on the districts network, such as abuses of school wireless networks, he said.
"I can be a jerk," Crawford said. "Parents dont want students sitting with their laptop, chatting on IM or shopping online. I can block all the file sharing and chatting stuff," he said.
However, the device is not without its shortcomings, Crawford said.
The X505 doesnt do as good a job as a competing product by WatchGuard at giving administrators flexibility in areas like automatic blocking and quarantining IP addresses. Also, the products Web-based graphical interface uses different pages to present information, making it harder for administrators to monitor threats in real time and eyeball significant events or breaches of policy, Crawford said.
Still, Crawford said he was impressed with the X505, which gave East Grand Rapids access to TippingPoint IPS technology that was previously too pricey, and made management simple by consolidating the features of three network appliances on one device.
Swiss Army knife-style multifunction appliances like the X505 are a hot commodity among enterprise IT buyers, wrote John Oltsik, a senior analyst at Enterprise Strategy Group in Milford, Mass., in an e-mail to eWEEK.
TippingPoints IPS technology allows 3Com to tap into that demand. At the same time, 3Coms channel and international support operation makes the TippingPoint technology an easier sell.