3Com will integrate its intrusion-prevention gear with its network equipment later this year in an effort to let customers quarantine attacks by shutting down switch ports and redirecting users to restricted virtual LANs.
The company's network switches will respond to commands from its TippingPoint Intrusion Prevention System (IPS) that sits in-line with traffic, inspecting packets to Layer 7 at wire speed and throttling or blocking suspicious traffic. The IPS will be packaged in blades that plug into 3Com switches and routers. 3Com bought TippingPoint last year.
With the new capabilities, the IPS could make switches close ports or shunt traffic to secure VLANs to quarantine devices and network segments where worms were found, said Kip McClanahan, a president at 3Com.
The capabilities also would include changing switch and router access lists to restrict activity of infected machines and block IP addresses. New software and hardware would roll out over the next nine months.
This is similar to what other network vendors are planning or doing. Alcatel and intrusion-detection vendors team up to use the company's Automated Quarantine Engine in Alcatel switches. Nortel's switches also support third-party IDSes. Cisco's Clean Access software imposes similar restrictions. Enterasys's Automated Security Manager quarantines via its switches.
3Com still would sell its TippingPoint gear as a device that could plug into networks made up of other vendors' gear, McClanahan said. This puts it in competition with other overlay security vendors such as Check Point Software, Caymas Systems, Vernier Networks and Lockdown Networks.
McClanahan said 3Com was tuning its TippingPoint equipment to support managed services, so a service provider might install the devices in customer networks and handle customers' network security.
The company also will announce new TippingPoint devices scaled smaller than its current offerings to support networks with less traffic, as well as faster devices for the largest backbone networks. The company also plans software upgrades to better secure VoIP.