With an eye to allowing data centers and service providers save space and money by eliminating some firewalls and virtual private network (VPN) devices, Check Point Software Technologies Ltd. Monday announced its VPN-1/Firewall-1 VSX (Virtual Systems Extension) software, which aims to allow companies to replace as many as 100 firewalls with one box running the software.
VPN-1/Firewall-1 VSX allows companies to replace those boxes because it can manage up to 100 different customer policies on just one device, according to Sweta Duseja, service provider marketing manager at Check Point. The software allows users to easily create and deploy policies for customers, she said. VPN-1/Firewall-1 VSX can handle up to 2G bps (bits per second) of throughput and will make it easier for administrators to deploy and manage policies, Duseja said.
A firewall is a security device used to block and filter unwanted network traffic and connections. A virtual private network is used to connect to a private network over the public Internet as if the connection were being made locally.
In order to run the VPN-1/Firewall-1 VSX software, customers will need to install a gateway device and a management server. The gateway device, which handles connections and firewall/VPN functions, must be a computer running either RedHat Inc.'s Linux 7.0 or Nokia Corp.'s IPSO 3.5. The software also requires an Intel Corp. Pentium II processor running at 300Mhz or better, 128M bytes of RAM and 40M bytes of hard disk space. The management server, where administration is done, runs on RedHat Linux versions 6.2 to 7.0, on the same hardware configuration as the gateway device.
The software will be a hit with data center and service provider customers, Duseja said, as those customers prize saving space, money and time spent on administration. The process of creating policies using the software is simple, requiring only that administrators create the policy, configure the gateway and then assign the policy to the gateway, she said.
Policies can also be deployed on a larger scale, she added, saying that a single policy can be published to a number of customers simultaneously. Policies already used by Check Point customers can be copy and pasted into the new software, though non-Check Point policies will need to be rewritten, she said.
VPN-1/Firewall-1 VSX will be available early in the second quarter 2002, at a starting price of US$24,000 for 10 users, $50,000 for 25 users, $80,000 for 50 users and $130,000 for 100 users.