Nortel Networks on Monday unveiled an architecture meant to promote security from all angles in an enterprise network — both data and telephony, including voice over IP.
The company also announced two products that comply with the architecture, one for building SSL-based extranets and the other a security-ready router/gateway.
Nortel’s Unified Security Architecture is intended to be an all-encompassing blueprint that addresses each layer of a communications infrastructure, including authentication, data encryption, application-layer security, policy management and secure network management.
The blueprint is meant to provide for scalability and the “right level of performance and security,” says Fred Weiller, security solutions marketing manager for Nortel. “You can’t let security diminish performance.” He also notes the architecture is not Nortel-specific and can accommodate security tools from various Nortel partner companies.
Among the first new products that support the architecture is the Alteon SSL 410, a new version of Nortel’s existing line of SSL accelerators that can also be used to build extranets based on SSL rather than more complex virtual private networks (VPN).
The new 3.1 version of the device’s operating system adds authentication options to its existing digital certificate support, including RADIUS, RSA Security’s SecurID and LDAP-based authentication.
Also included is support for a variety of legacy applications — including email, ERP and file transfer, along with Web applications and e-commerce. That enables users to extend existing applications to customers, suppliers and business partners via an SSL extranet, Weiller says. An address translation feature helps companies extend their existing intranet applications to outside users.
The new device also contains a faster cryptographic accelerator card, and can handle 16,000 concurrent SSL sessions.
It is priced at $24,995 and will be available the first week of October.
Nortel also announced release 4.7 of its Contivity gateway software, which extends the Secure Routing Technology (SRT) the company announced in May.
John Gray, product marketing manager for the Contivity line, says to date Contivity has focused on the market for remote access, branch office type VPN deployments. The idea behind SRT is to address a broader market for IP services equipment that can perform numerous functions, starting with traditional routing but adding functions such as VPN as needs dictate.
SRT is an alternative to “bolting on” security functions to existing equipment, such as adding cryptography to a router, and using a firewall with access control features. With SRT, users can employ a single Contivity platform and unlock software that supports various functions, as they are required. The platform can support services ranging from IP routing, frame relay, security for IP telephony and wireless LAN installations, VPNs and firewalls.
Nortel also announced new configurations for various Contivity devices that allow for lower initial prices. The Contivity 1700 and 2700 were originally configured to support 500 and 2000 simultaneous VPN connections at a cost of $7,000 and $20,000, respectively.
New configurations, with support for as few as five VPN tunnels, start at $3,600 for the 1700 and $7,300 for the 2000. The Contivity 1000 supports a maximum of 50 VPN tunnels and starts at $999 for a five-tunnel configuration.
For more information, click here.