When Enterasys Networks Inc. realized that large enterprises weren’t willing to spend $30,000 to $50,000 to secure their remote sites, the company decided to scale down its network infrastructure offerings and make a condensed and much cheaper appliance available to customers.
Enterasys basically re-engineered its routing Dragon Intrusion Defense product line into a smaller form factor, said Jim Lord, product marketing manager for Dragon intrusion detection system (IDS). And out of that re-design came the recently released Dragon Remote Site (RS) IDS.
“Now I have a smaller form factor that can sit out at the branch offices,” Lord noted. “If a customer is running Dragon already at their corporate site, now they can really cost effectively leverage that IDS investment and start to monitor the traffic and the attacks…that are going on at the regional offices.”
The Dragon RS carries a price tag of US$3,995 and can handle between 10Mbps and 15Mbps of traffic, according to Lord, adding that it is not suited for core gigabit environments but rather as a backside of a T1 that might sit at a customer’s site.
“Remote office protection is an important issue because remote offices can be an entry point, almost a back-door or secret passage-way to the main office,” explained Steve Poelking, director of research at IDC Canada Ltd. in Toronto. “Protecting the complete perimeter is an increasingly important objective for enterprises.”
Poelking said he is seeing a growth in supply and demand for this kind of multi-function security appliance for various reasons. He cited the fact that they are plug-and-play and do not require sophisticated technical knowledge to install as key reasons why desire for remote security has increased recently.
The fact that security appliances have a specific level of imbedded performance with customizable features based on hardware, operating system and database packaging, while software solutions depend on whatever hardware configuration the reseller or customer uses, is another factor making security appliances attractive, according to Poelking.
Also, he added, the fact that customers don’t need to license an operating system or database when using a security appliance because it is an integrated component of the solution is also a motivator for companies considering the technology.
The security needs of remote sites are well established, explained Anthony Allan, a research director at Gartner Group, adding that it is more recently that tailored solutions have been offered to customers.
Allan agreed with IDC’s Poelking that key benefits to security appliances like Dragon RS include ease of deployment and management and added that companies including Symantec Corp. and Internet Security Systems Inc. (ISS) also offer devices that cater to this need.
ISS expanded its security offerings in 1999 with the acquisition of Netrex Inc., a managed security service (MSS) provider, which brought Netrex’s ePatrol technology to ISS, allowing the company to offer a set of remote security management services.
ISS also offers its Proventia Enterprise Protection line of products, which is managed by its SiteProtector centralized management system. According to ISS, Proventia provides protection for every environment, including remote offices.
On the remote security front, Symantec offers On Command Remote, a solution that allows an organization to have full control of any PC or file server on the network from any PC. According to Symantec, when dealing with remote locations, On Command Remote can run over a dial-in connection which has been established through a point-to-point protocol (PPP) remote access server, allowing the enterprise all the support required on the remote network.
Enterasys’ Lord said he is pushing for the company to incorporate Dragon RS’s capabilities into its switching line so that the IT staff that is managing switching and routing networks won’t have to buy different products.
“We’d like to see these features show up as part of the product lines,” Lord said.” “We’d like the switching and routing infrastructure to get smarter and not add different boxes that have to be tuned separately.”