Lucent Hurries New VPN Firewall Production

Lucent Technologies is putting the pedal to the metal in its new VPN firewalls for carriers and large enterprises.

On Monday, the company introduced two firewalls with more performance for the money than the devices they replace. The gear is designed to secure huge numbers of simultaneous sessions over a company’s or carrier’s network: as many as 3 million on the top-of-the-line VPN Firewall Brick 1200 HS.

The growth of voice over IP and video traffic is helping to raise requirements for security power on both enterprise and carrier networks. The Lucent products are designed to secure those latency-intensive applications, as well as other traffic, at higher speeds. Among other things, the Murray Hill, N.J., company is now carrying out advanced encryption standard (AES) encryption on an accelerator card rather than in software, said Joe Raccuglia, general manager of the Lucent VPN Firewall unit of Bell Labs. The firewalls announced Monday also include intrusion detection and protection against denial-of-service attacks.

The VPN Firewall Brick 700, designed for enterprises and for carrier central offices, replaces the Brick 350. It boasts firewall performance of 1.7Gbps, up from 787Mbps in the previous product. The new product can encrypt data traversing the network at 425Mbps using triple data encryption standard (3DES) and 350Mbps with AES. It can support 7,500 VPN tunnels simultaneously. The number of ports has also grown; the Brick 700 has eight 10/100/1000Mbps Ethernet ports.

The VPN Firewall Brick 1200, Lucent’s biggest VPN firewall, replaces the Brick 1100 and comes in two forms. The standard unit can firewall 3Gbps of traffic and encrypt packets with 3DES or AES at 1.1Gbps. That version can handle 2 million simultaneous sessions and has eight Gigabit Ethernet ports for copper cables as well as two for fiber. It offers roughly the same performance as the 1100 but at about one-third the price and half the size. The 1200 takes up 2U of standard shelf space and is priced starting at US$29,995. The 1100, a 4U product, costs about $75,000 and up, Raccuglia said.

The 1200 is also coming out in a faster version, the 1200 HS, which has 4.5Gbps of firewall speed and can do 3DES or AES encryption at 1.7Gbps. It supports as many as 20,000 VPN tunnels. The high-speed version has 14 copper and six fiber Gigabit Ethernet ports. It is available now for between $59,995 and $69,995.

Also Monday, Lucent unveiled version 9.1 of its Lucent Security Management Server software. The new version includes a feature developed at Bell Labs, called Rules Based Routing, that lets the firewalls detect certain types of packets and send them to a third-party security appliance for antivirus scanning, spam filtering or another function. For example, the routing system could identify HTTP packets and send only them to a content-filtering device, Raccuglia said. That would free the filtering device from having to inspect other types of packets that don’t require it, he said.

All the new firewalls are available now. The previous models will remain available for the time being without a price cut, mostly to finish ongoing rollouts, Raccuglia said. Lucent expects to merge with Alcatel by the end of this year. It is too soon to say what impact that deal may have on Lucent’s VPN firewall business, said company spokeswoman Devon Prutzman.

By Stephen Lawson, IDG News Service (San Francisco Bureau)

Keep checking in at our Security Feed for updated news coverage.