3Com to blend security brains, enterprise brawn

The company will combine TippingPoint intrusion technology with gear from its former Huawei joint venture

3Com plans to integrate intrusion prevention technology from its TippingPoint subsidiary into networking gear from its H3C division as part of a strategy to deliver streamlined secure networks at less cost and power consumption than marquee vendors.

The company kicked off its initiative on Monday with appliances and switch modules based on VPN (virtual private network) technology from H3C.

Early next year it will start introducing blades with the TippingPoint IPS (intrusion prevention system) for its modular networking products, according to Gary Kinghorn, product marketing manager for security at 3Com. Also beginning next year, the company will build a single management platform from TippingPoint's Security Management System (SMS) and H3C's Intelligent Management Center (IMC) software.

H3C began in 2003 as a joint venture between 3Com and Chinese networking giant Huawei Technologies, focused on giving Huawei a way into the U.S. market and giving 3Com a stronger enterprise lineup.

Long overshadowed by Cisco, 3Com had retreated from the large enterprise market to aim solely at small and medium-sized businesses, where the company's original brand is still focused. 3Com bought out Huawei's portion of H3C in 2007, but the company still develops and builds products in China.

3Com began talking about integrating TippingPoint's intrusion prevention smarts into its network gear soon after it bought the company for $US430 million in 2004. It even brought those elements together in a set of products based on 3Com's SMB gear.

But it took time for enterprises to embrace the concept and for network equipment to be able to support such functions, said John Vincenzo, 3Com's vice president of corporate marketing.

Cisco Systems and Juniper Networks have been pushing the integration of higher-level functions such as security into the network infrastructure for the past few years.

On Monday, 3Com introduced the H3C SecPath family of standalone firewall appliances, ranging from the F1000 to the F5000-A5, a chassis seven rack units high that can accommodate several of the appliances.

The F5000-A5 can provide line-rate protection for multiple 10G bps (bits per second) connections, and a fully configured rack can perform at 40G bps, Kinghorn said.

The company also rolled out the H3C SecBlade modules, which are designed for integration into the H3C Switch 9500E and 7500E Ethernet chassis devices and the H3C Switch 5820 stackable product family. The modules offer between 6.5G bps and 8G bps performance.

The firewall products are based on the H3C Comware operating system. They can perform stateful packet inspection filtering and let administrators set up multiple zones with separate firewall instances, which 3Com calls "virtual firewalls," so administrators can enforce different rules for employee and guest networks and wired and wireless LANs, according to 3Com.

The firewalls can also look inside IPSec VPN tunnels to detect attacks, block specific kinds of traffic and e-mail attachment types, and prioritize traffic based on business policies. 3Com said its products take up less space and consume far less power than those of competitors.

U.S. government scrutiny probably helped to stymie 3Com's bid to bring TippingPoint capabilities into H3C products, said Yankee Group analyst Zeus Kerravala.

"I'm not sure they really could have done it any faster," Kerravala said.

In 2008, Bain Capital abandoned a proposed deal with Huawei to acquire 3Com because the U.S. Committee on Foreign Investment in the United States (CFIUS) delayed it. Critics saw danger in allowing TippingPoint's intrusion prevention technology to get into the hands of a Chinese entity.

The market is ripe for converged security and networking, Kerravala added. The scale and speed requirements of today's networks call for integration, he said.

"It's hard to build a really big network if you're using a bunch of (discrete) security appliances," Kerravala said.

The F-series appliances are available now. The F1000 starts below $US10,000 and the F5000-A5 starts below $US100,000. The SecBlade VPN Firewall modules are available now for the 7500E chassis and will ship for the 5820 and 9500E chassis in the fourth quarter. They are priced starting below $US25,000.

Join the CSO newsletter!

Error: Please check your email address.

Tags 3Comintrusion prevention systemssecurityvpn

More about 3Com Australia3Com AustraliaCiscoCiscoF5HuaweiIPSJuniperJuniperTippingPointTippingPointYankee Group

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stephen Lawson

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place