AXENT releases firstborn of its VelociPliance family

Rockville, Md.-based AXENT Technologies Inc. and Cobalt Networks Inc., based in Mountain View, Calif., last month announced the release of the VelociRaptor, a firewall and virtual private network (VPN) appliance.

According to AXENT, VelociRaptor is the first product released in a series of appliances under the new VelociPliance family of enterprise-class security software.

Howard Lev, the product manager who developed VelociRaptor at AXENT, said the idea behind the appliance was to find an easier way to install, configure and manage firewalls.

“One of the ways we are making it easier to get the firewall up is to combine hardware and software in an easier-to-use package,” Lev said. “Basically what we have done is taken the Raptor Firewall and we have forwarded it to the Linux that runs on the Cobalt RaQ 3 and RaQ 4 products. We’ve stripped away the stuff we don’t need for a firewall that would make it potentially less secure.”

Based on AXENT’s Raptor Firewall, the VelociRaptor has the additional security strength of running on a hardened Linux, the company said.

Lev noted the VelociRaptor comes equipped with a number of quick-start wizards.

“We’ve pre-configured the hardware; we’ve pre-configured and hardened the Linux OS; we’ve pre-installed the Raptor Firewall and Power VPN 6.5 so there is no chance for configuration,” Lev said.

Dubbing the appliance as the ‘plug and protect’ hardware solution, both AXENT and Cobalt said it was designed to protect access to the Internet, and acts as an application proxy firewall.

“Not only do we do packet filtering at the IT layer but we also check the application protocols at the application layer,” Lev said.

Daniel Freeman, Cobalt’s product manager, said a key market difference is the strong hardware platform.

“It’s a one unit-high appliance,” Freeman said. “There is very low power consumption. Less than fifty watts of power is drawn, which is less than the standard light bulb.”

Freeman added that the VelociRaptor comes with four Ethernet ports to allow service providers to build and manage three different customers with one VelociRaptor appliance.

Lev said AXENT is targeting three sectors: branch offices of Fortune 1000 companies, small- to medium-sized businesses and service providers.

Lev said the branch offices of Fortune 1000 companies want the same protection as the headquarters, as they are connected by a leased line.

“If you break into the branch office, you get access to the home office,” Lev said. “Another thing they want to do is to be able to eliminate those leased lines and use VPN. You get a payback on the VPN versus leased lines in about six months.”

Lev said small- to medium-sized business want the same protection larger companies have.

“Their information is just as important to them as it is to a big company, so they want the same capability,” he said.

Lev added that smaller companies are less likely to have the depth and breadth of network technicians, and require an appliance that is easy to install, configure and manage.

Freeman said service providers are concerned with finding layered services.

“They are very concerned with getting remote management from the network operations centre,” Freeman said. “They are also looking for integration with network management software.”

Scott Ganz, network administrator for Global InfoTek in Vienna, Va., said one of the main reasons his company has selected the VelociRaptor is because it is built on the Linux operating system.

“We had some previous experience with the AXENT Raptor products and were interested to see where they were going with their next generation of appliance-type equipment,” Ganz said, adding, “It’s a nice firewall.”

Though he compliments the product, Ganz said it does not meet some of the security challenges of Global InfoTek.

“Some of he things we are doing is multi-class routing, and we are involved in a project called the Grid Project, which is a collapsed grid,” he said. “Some of the things we would like to do are a little more advanced than what this product is easily set up to do. It’s an excellent product for someone who wants a firewall that you can pop right into place.”

Ganz said Global InfoTek will have to implement more advanced networking equipment or subdivide some of the security functionalities in order to have VelociRaptor suit its needs.

VelociRaptor is available now and pricing is based on the number of nodes protected by the firewall. Pricing starts at US$4,995 for 25 nodes and goes up to US$14,995 for unlimited nodes.

Two other products from the VelociPliance family, a VPN appliance and the VelociProwler, a network intrusion detection device, will be released in Q1 of 2001.

Cobalt is on the Web at, and AXENT is at