Nortel Networks Ltd. says its latest gateways not only offer easy management, but also provide the right balance between security and control. According to one industry analyst, such equilibrium represents a significant technology breakthrough.
The Brampton, Ont.-based network gear maker last month unveiled new versions of its Contivity Secure IP Services Gateways: the 1010, 1050, 1100, 1700 and 2700. These WAN-edge devices bring together the functions of a VPN, a firewall and dynamic routing for simpler management.
“Typically [a company would] have…a router to route traffic, a firewall to provide security and if they’re worried about security over a shared Infrastructure like the Internet or a carrier’s IP backbone, they would have a dedicated VPN appliance,” said Scott McFeely, the Boston-based general manager of Nortel’s IP services product portfolio. “We actually believe that the world of dedicated boxes-per-function is costly.”
Of note is Nortel’s “secure routing technology” (SRT), which brings together VPN security and dynamic routing for equal parts protection and control. McFeely said Nortel’s SRT is the first technology of its kind.
“The industry standard for VPN and tunnelling technology has been IPSec. But the IPSec standard doesn’t address dynamic routing over IPSec tunnels. We were forcing, if you like, our customers to choose between either giving up the dynamic routing protocols or giving up their security from a VPN perspective.”
With SRT, “we’ve solved that problem,” McFeely said. “And we’ve taken that solution to the IETF (Internet Engineering Task Force) to make it available to the industry.”
Mark Fabbi, a Toronto-based analyst with Gartner Inc., said SRT represents an important step forward in network technology.
“You can have a number of established VPN sessions to create a mesh environment, and have the SRT route traffic across both secure and unsecure links. You’re combining IP routing with the ability to create an arbitrary VPN backbone. That’s pretty unique in the marketplace.”
Ben Lasher, spokesman for Analog Devices Inc. – an electronics manufacturer in Norwood, Mass. – is testing the Contivity 1100 gateway in his company’s lab. Although he has yet to try the SRT function, Lasher said he expects big things from Nortel’s technological advancement.
“We have large VPN Contivity boxes located throughout the world. If this can plug an office into the closest one of our POPs…and automatically route to an alternative one if that site is down, that’s huge.”
The Contivity announcement follows many other new products from Nortel, including an update for its BayStack line of Ethernet switches and the Succession Communications server. Fabbi said it’s good news from a company otherwise beset with financial problems.
“They’ve realized they ignored the (enterprise) market a little too long. They’re a little apologetic about it when you talk about it. But at the same time they’re saying, ‘We haven’t given up here.’ And when you look at their products, there’s some pretty neat stuff coming out.”
Nortel’s Contivity gateways numbered 1010, 1050 and 1100 cost approximately US$1,000 to US$1,499. The 1700 is priced near US$7,000 and the 2700 around US$20,000. For more information, consult Nortel’s Web site at www.nortelnetworks.com.