LAN switch ups internal security

Foundry puts additional layer 2-7 security into switches alongside firewall front end.

Network vendor Foundry today made a bid to move enterprise LAN security beyond simple authentication and network access checks with the launch of what it describes as “the industry’s only LAN switches with added Layer 2 to 7 security”.

As well as the new SecureIronLS secure LAN switches, Foundry also announced the SecureIron Perimeter Traffic Manager, a system designed to increase perimeter security and optimise application performance across WANs.

Foundry’s Multi-Layer Switching and Security product line manager, Gopala Tumuluri, said firms that deploy different network access options like mobile, wireless and web connectivity, sometimes inadvertently make it easier for their networks to be breached. “The SecureIronLS is targeted purely at internal security. Its goal is to protect the core of your network, which is where most of your critical assets are, from the edge of the network where most of your dynamic devices are, or sometimes vice versa, since threats can also originate at the core,” he said.

The new SecureIronLS secure LAN switch uses a three-step process to control traffic. First, both user and device credentials are authenticated, then once the device has access, the switch enforces whatever service rights the user is entitled to. The third step aims to prevent network intrusions. The switch uses deep packet inspection to scan content at Layer 7, and these scans can then be repeated at intervals to ensure the user’s system is still free of malware.

The SecureIronLS secure LAN switch is available in two different models, SecureIron LS100 and LS300, with the LS300 promising three times the performance of the LS100. “Connectivity options can be 10/100Mbit/s links with gigabit uplinks, Gigabit Ethernet with gigabit fibre uplinks and we also have gigabit copper with 10GbE uplinks,” said Tumuluri. Prices start at e15,000 (£10,000) for the LS100 to e35,000 (£23,000) for the LS300.

Foundry’s Perimeter traffic Manager (PTM) is “a firewall front end that does ISP-linked traffic management, firewall clustering with high availability, and also denial of service protection and deep packet inspection at the perimeter,” said Tumuluri.