ServGate Technologies Inc., a VPN start-up with roots in China's elite Tsinghua University, will make its U.S. debut at NetWorld+Interop next month with a firewall/VPN gateway that would rank near the top of the field.
The company's crown jewel is the SG2000, a box designed to perform VPN processing and firewalling at full gigabit speed to protect busy data centers accessed over Gigabit Ethernet links.
Until recently, firewalls and VPN gear were in danger of becoming the bottlenecks in secure access to data centers because they could not keep up with the speed of Gigabit Ethernet LANs and Gigabit Ethernet WAN services. Only a handful of companies, such as Asita, Cisco Systems Inc. and NetScreen Technologies Inc., sell firewall gear that runs that fast. Check Point Software is revamping its firewall and VPN software to accommodate gigabit connections.
ServGate says it is building a wire-speed, full-duplex device that achieves gigabit throughput when fully loaded. The company claims it has tested the firewall using small, 64-byte packets, which stresses the device more than larger packets would because more come through per second. The VPN has not been tested, but relies on chips being made by Broadcom to support gigabit throughput for IP Security, Triple-DES encrypted VPN traffic, says Dave Buchanan, ServGate's vice president of marketing.
A single SG2000 can be segmented into virtual gateways that provide up to 500 users with what appear to be private firewalls and VPNs. This would let the box support departmental security within a large corporation or keep distinct the VPN policies applied to business partners sharing a VPN. This compartmentalizing also would support multiple customers of a service provider if the device were placed in a high-rise office building, Buchanan says. Individual security administrators would be able to access, set and change VPN and firewall policies for their users.
The SG2000 includes virus scanning from Symantec Corp., denial-of-service attack prevention designed by ServGate, and intrusion detection from an undisclosed third party.
ServGate was founded by Jun Li and Charles Shao, who are affiliated with Tsinghua University in Beijing, one of China's most respected technical schools. Li is manager of engineering and Shao is manager of manufacturing for ServGate. The company is partially backed by an entrepreneurial arm of the university called Tsinghua Enterprises.
So far its other products include the SG200, a 10M bit/sec firewall/VPN appliance for creating site-to-site VPNs; and the SG300, a 100M bit/sec throughput firewall/VPN gateway. The SG200 costs US$2,000 and the SG300 costs $US7,000.
The SG2000 firewall goes into beta tests next month and ships in the third quarter. The VPN is expected to ship in the fourth quarter. The box costs $US60,000 to $90,000 depending on the number of virtual gateways it supports and whether it includes VPN capabilities.