Enterasys rolls firewalls, VPNs into branch office routers

Enterasys Networks is taking aim at Cisco Systems with a series of recently released routers that combine standard WAN connectivity and optional, built-in security features.

The Enterasys XSR 3000 series and 4000 series routers are designed for large and medium enterprise sites. The four new boxes – the XSR 3020, the XSR-3150, the XSR-3250 and the XSR-4100 – complement Enterasys’ existing XSR-1805 and XSR-1850 routers, which were released about 15 months ago for smaller enterprise branch offices.

The fact that the routers include built-in firewall and VPN capabilities made them an attractive option for Dr. Al Valbuena, executive director of the Office of Information Technology at Franciscan University in Steubenville, Ohio.

“We wanted something that would serve not only as a firewall, but also include other security options,” he said. “We wanted a security switch – not a piecemeal solution.”

Franciscan was forced to look for a new firewall option when the manufacturer of its existing firewall went out of business.

The router services manager on the XSR box makes it simple to use, Valbuena said.

“The interface on our old firewall was really horrendous,” he explained. “The most important features on the XSR are you can have an access control list as well as firewall configuration. This is just one system and previously we needed two systems.”

Valbuena’s only complaint about the box is that it doesn’t have more features. Although Enterasys will roll out limited intrusion detection capabilities for the routers later this year, Valbuena wouldn’t mind seeing more.

“I don’t know if we’re asking too much, but I’d like to see full intrusion detection,” he said. “Also we’d like anti-virus and support for e-mail. I guess that should be another product, but if everything could be integrated into one it would be great.”

Enterasys rolled firewall and VPN capabilities into the XSR series, because remote offices usually don’t have IT staff on hand to manage multiple on-site boxes, said Michael Bouchard, product marketing manager for the XSR line with Enterasys.

WAN modules for the routers include T-1, T-3, ISDN, frame relay and DSL options.

The VPNs, which incorporate technology from the company’s Aurorian VPN gateway line, include site-to-site capabilities as well as remote access VPNs.

The XSRs use the VPN client in Windows 2000 and XP.

Performance on the new XSRs ranges from 200,000 packets per second and 1,000 VPN tunnels on the XSR-3020 to 500,000 packets per second and 5,000 tunnels on the XSR-4100. Pricing ranges from US$5,995 to US$15,995. The XSR 3150 and XSR-3250 are available now. The XSR-3020 and XSR-4100 will ship in September.