Security appliance vendor ServGate aims to drive down the price of Gigabit speed firewalls by using network processors rather than ASIC-based or software firewalls in its line of firewall gateways.
Ease of deployment and the (theoretically) enhanced security that comes from a hardware-based approach is causing a shift in the market from software firewalls to appliance sales - a trend ServGate intends to exploit, albeit with a slightly different approach to that of more established vendors like NetScreen.
In addition to Firewall and IPSec VPNs, ServGate's line of Internet Security Gateways feature a variety of services such as web caching, URL filtering and more.
Top of the range is its SG2000 firewall appliance, launched in the UK yesterday, and designed to sit in the core of enterprise intranets or service provider networks. Two versions of the product are available, SG2000L, which features 50 Virtual Gateways (independent security domains) and the SG2000H, which features 500 Virtual Gateways. Each is based on Intel IXP 1200 network processors.
Peter Ruyters, European managing director of ServGate, said prices of between $40,000 to $85,000 for the SG2000 compared favourably with the $100,000 or more customers might pay for comparable ASIC-based firewalls from the likes of NetScreen.
Although competitive on price, ServGate's appliances can't match NetScreen's products on raw horsepower. Firewall performance of the SG2000 is around 1.5Gbps compared to 12Gbps for Netscreen's top of the range 5,400 firewall.
Peter Crowcombe, a marketing manager at NetScreen, said using network processors gives a performance somewhere between using software and that achieved using ASICs, which are expensive for short production runs. He dismissed claims from ServGate that NetScreen's hardware lacks flexibility, pointing out that its appliances feature programmable RISC processors as well as hard-wired ASICs.
As well as pitching itself against NetScreen, ServGate also aims to pinch share from vendors like Watchguard and Sonicwall at the lower end of the market with products based on mainstream Pentium processors.
There's two products here: the SG300 (for SMEs), a 200 Mbps Firewall and VPN appliance that features integrated virus scanning (using software from McAfee), Web caching, DMZ and high availability features; and the SG200 (for telecommuters), a 75 Mbps Firewall and VPN appliance that features Web caching, DHCP server, PPPoE.
ServGate distributes its products through TechData in the US. It set up in Europe this March and signed a distribution agreement with Tech Data/Computer2000 in the UK late last month which sits alongside a distribution agreement with MindShare in Europe and Dutch VAR Imtech.nl. ®