When it comes to adding to or upgrading network appliances for remote workers or small offices, the options are plenty.
Most remote or small offices have Internet access or security appliance boxes that combine three or more of the following functions:
Broadband link -- either for cable modem or DSL (if not both, as in many models from D-Link Corp., Linksys, Belkin Corp., Netgear Inc. and others) along with a network bridge to Ethernet (usually 10/100);
Multiport switch -- (most common) or hub (less common nowadays, but still available), with four or more ports;
Various security or networking services -- usually including a firewall, Dynamic Host Configuration Protocol (DHCP) and Network Address Translation (NAT). This could also have content filtering, URL filtering and/or intrusion detection or prevention.
Below is a selection of products that you can either plug into an existing network periphery or use to replace existing gear at the network boundary. I've identified items as in-line when they plug into an existing periphery or replacement when they are intended to replace existing
- AlphaShield Firewall (in-line, small networks): This very capable firewall from Vancouver, B.C.-based AlphaShield Inc. plugs into an existing network and is perfect for small branch office use.
- Advantech Co. (in-line or replacement, small to medium networks): This company in Taipei, Taiwan, builds OEM hardware that many other companies use for security appliance hardware. Advantech is worth knowing about not only because of its products, but also because of the other products that its platforms make possible.
- AirTight Networks (in-line and replacement, small to large networks): This Mountain View, Calif.-based company offers a broad range of wireless networking security and performance management products, as well as wireless LAN planning and vulnerability analysis tools and services.
- Cymphonix (in-line, small to large networks): This company in Sandy, Utah, offers extremely innovative in-line network monitoring, content filtering and event management capabilities. Cymphonix's offerings span a wide range of capabilities that include threat management, application performance monitoring and network analysis. The tool can identify not only malware entering a network, but also which host is affected thereby.
- D-Link (in-line, small networks): This well-known networking hardware vendor in Fountain View, Calif., is building an increasingly wide and sophisticated line of appliances. Current offerings include items like the SecureSpot, which bundles firewall, antivirus, antispyware and other functions in a single box; and an Internet/Voice over Internet Protocol (VoIP) accelerator, which prioritizes time-sensitive protocols for VoIP and video. It also offers other applications to help deliver better networking experiences and numerous hot-spot products for public and private wireless networks.
- Hawking Technologies Inc. (in-line, small networks): This innovative Irvine, Calif.-based networking hardware vendor offers the HBB1, which is described as a "broadband booster" for prioritizing VoIP and other time-sensitive networking protocols. It's designed to help small networks improve performance and usability of VoIP, NetMeeting and other time-sensitive session-oriented communications.
- McAfee Inc. (in-line, small to large networks): The well-known Santa Clara, Calif.-based provider of antivirus and other security software and services also offers a broad range of network appliances, among which its IntruShield intrusion detection and prevention appliances are of great interest. These tools provide advanced risk mitigation capabilities, along with virtual perimeter and constantly updated threat identification and protection.
- Network Engines Inc. (in-line and replacement, small to large networks): One of many companies that use Advantech platforms, Canton, Mass.-based Network Engines offers a family of products that provide traffic filtering, application security, protection against unwanted/unauthorized software and even Web security solutions.
- Symantec Corp. (in-line and replacements, medium to large networks): The Cupertino, Calif.-based company's Gateway Security appliances complement other products that aim at e-mail security; virtual private networks (VPNs); centralized, policy-based security management and other services. The Gateway 1600 appliances are probably of greatest interest to small and midsized businesses, and offer a firewall; antivirus protection; intrusion detection and prevention; antispam, anti-adware and antispyware; and URL-based content filtering, plus IPSec and Secure Sockets Layer VPN support.
- ZyXEL Communications Corp. (in-line, small networks): Though this company is best-known for its VoIP offerings, many of its handsets integrate firewall, switch, NAT, DHCP and other security services in a single small-office solution.
Bottom line: Convenience has a lot of value. If small office/remote users are often willing to pay up to $1,000 or more for the convenience of network appliances that are easy to install, configure and use, then the value of convenience only escalates with size. (Appliances that target medium and large networks generally cost $2,000 to $15,000 and up.) The value of intelligently configured, self-updating and reasonably secure network add-ins or replacements cannot be overstated or oversold.
Ed Tittel is a full-time freelance writer and trainer based in Austin, Texas. He specializes in markup languages, information security and IT certifications. Ed has also contributed to a recent book on home theater PCs and is currently working on books about gaming PCs and MythTV.
This was first published in April 2006