Spanning VPN Spectrum

New devices from Symantec and Asita tackle opposite ends of market.

Symantec Corp. and Asita Technologies Inc. this week are announcing sophisticated VPN appliances that, while aimed at opposite ends of the market, deliver similar feature sets.

Symantecs 100, 200 and 200R virtual private network appliances are designed for small and midsize businesses, but they include features that are typically reserved for machines deployed at service providers or much larger enterprises.

Besides the standard gateway-to-gateway IP Security VPN tunneling, all three models include embedded firewalls and intrusion detection capabilities. There are also multiple 10/100M-bps network switches on each appliance. The 100 includes four LAN ports, while the 200 models come with eight ports.

Symantec, of Cupertino, Calif., has included an automatic dial-up backup feature that ensures that the machines remain connected to the Internet. There is also a secure, Web-based management interface to enable administrators to configure the machines remotely, Symantec officials said.

The 100 is priced at $499; the 200 is $899; and the 200R, which comes bundled with Symantecs VPN client software, costs $1,199. All three are slated to be available next week.

"Using and installing a client-side VPN can be very labor-intensive," said Chris Poulin, president of Fire Tower Inc., a security services provider in Medfield, Mass., that is beta testing the Symantec VPNs. "This way, you dont have to touch the client machines at all. It fills a nice gap, and its complementary to the corporate firewall."

At the other end of the spectrum, Asita, of Irvine, Calif., is rolling out an updated version of its LineSpeed GS2 VPN box. The GS2, which is aimed at the service provider market, is built to handle more than 40,000 simultaneous VPN tunnels at speeds of up to 2G bps.

Like Symantecs appliances, the GS2, originally launched in February, includes a firewall and load balancing and intrusion detection capabilities. But it also has other features, such as content checking, URL checking, anti-virus protection, and policy routing and management.

The GS2 boxes also support MD5 and SHA-1 hash algorithms for authentication.

The appliances start at $75,000 and range up to $375,000 and are available now.

The updated GS2 will add support for the Virtual Router Redundancy Protocol, which will allow the appliance to automatically switch to a backup VPN concentrator if the master ever becomes unavailable. The new version also includes a Telnet client and server, a TFTP client and server, and an improved management interface, company officials said.

In addition, the GS line now includes up to eight customizable security application cartridges, which are hot-swappable. The cartridges are designed to serve as application platforms for third-party security applications, enabling users to integrate their current software with the VPN box.

Like the first GS appliances, the updated VPNs utilize Triple DES encryption over the IPSec protocol, meant to provide the speed that service providers and large enterprises need from VPNs.