Symantec, CipherTrust load up security appliances

New incarnations of integrated boxes help make security more strategic

Much like most enterprise-class IT tasks, security can become weaker when a company network is bogged down with too many devices. Management borders on the impossible and IT can never quite get as clear a picture of its own security as it needs.

With that in mind, both Symantec and CipherTrust on Monday announced new integrated appliances that build out their security offerings.

Now in its third generation, the new Symantec Security Gateway 5600 Series consists of an updated hardware platform, Version 9.0 of the company's client VPN technology, and a new edition of the Symantec Security Gateway software.

Symantec is offering three models of the appliance. The high-end 5660 protects as many as 5,000 nodes, carries redundant disks and power capabilities, has 10 Gigabit Ethernet ports, and can handle 3.0Gbps throughput. Up to four fiber ports are optional.

On the software side, the 5600 Series features enhanced content filtering, including dynamic document review, integrates the appliance with Symantec's SSL VPN, and brings client compliance features to help IT ensure that end-users are up-to-date.

"Customers who have the 5400 and 4400 series can upgrade the software without buying the 5600 Series hardware," said Michele Araujo, senior product manager, Symantec, "unless they want to take advantage of the new hardware features."

CipherTrust, for its part, announced a new version of its security gateway, IronMail 6.0, along with IronMail Edge and the TrustedSource Portal. IronMail 6.0 offers enhancements to the anti-spam, mail IDS, mail firewall, as well as advanced zombie detection and blocking. The gateway also has been more tightly integrated with CipherTrust's TrustedSource Portal. In addition to better visualization and more effective detection because of the portal, now administrators can hyperlink to check on a sender's identification.

The TrustedSource Portal provides information on e-mail sender reputation by domain and IP address, across all the Domain Keys, Domain Keys Identified Mail (DKIM), and SenderID and Sender Policy Framework (SPF) authentication standards.

"What [administrators] are seeing is essentially a worldwide view of e-mail senders," claimed Jay Chaudhry, CEO of CipherTrust.

IronMail Edge can be used to block up to 50 percent of the spam messages a customer receives at the edge of the network. Because those messages never enter the network, they don't consume network bandwidth, require less server utilization and they don't need to be archived for regulatory compliance.

Even though the appliances offer a range of functionality, customers "generally buy two of the applications" that can be used in the box, according to Jon Oltsik, a senior analyst at consultancy Enterprise Strategy Group.

"You won't see many people buy an appliance and say 'let's turn on all the functionality,'" Oltsik explained.

He added that after years of being brain-washed to buy best-of-breed point products, customers are now more interested in integrated solutions that handle a number of security operations, be those hardware appliances, software programs, or a combination of both.

"I'm seeing more strategic security now than I did two years ago," Oltsik added.