Alteon Switched Firewall

(1)

Alteon

Switched

Firewall

When it comes to ensuring the safety of your network, one size never fits all.

IT managers and network administrators need firewalls with different capacities to guard

against threats to their network infrastructure. Recognizing this, Nortel Networks has

developed the Alteon line of best-of-breed firewall solutions that seamlessly integrate into

an enterprise’s layered security strategy and enable them to realize greater return on their

infrastructure investment.

The solution:

Nortel Networks Alteon Switched Firewall System (ASFS)—with its unique

switch-accelerated architecture—offers unmatched flexibility by offering a broad range of

security options at different price points, tailored to the requirements of large enterprise

customers and service providers. The latest Alteon Switched Firewall products augment

the strength of the Alteon solution by providing additional configuration options for

high-performance security.

The Alteon Switched Firewall is a multi-component solution, managed as a single system.

It is a tight integration of two key components—an Alteon Switched Firewall Accelerator,

plus up to six Alteon Switched Firewall Directors. Using Check Point's Secure XL

technol-ogy and Nortel Networks Open Security Architecture, Firewall Directors communicate

with the Firewall Accelerator to setup and teardown firewall sessions in real-time.

Product update:

The Alteon Switched Firewall 6414 and 5106 are the newest members

of the ASF product family. Representing the evolution of Nortel Networks leading-edge

“switch-accelerated firewalls,” the ASF 6414 features an Accelerator platform based on the

Alteon Application Switch. It offers integrated Layer 4-7 content filtering, comprehensive

DoS protection, and IDS load balancing within the Accelerator OS, along with the

Layer 2-7 security provided by the Check Point NG with Application Intelligence stateful

inspection engine.

A quick-reference

aid to selecting the

Alteon firewall that best

meets a customer’s needs

(2)

Accelerator 6400 + Director 5014

•Accelerator-based content filter-ing, DoS protection, and IDS load balancing

•High performance: 4.2 Gbps throughput and up to 500,000 concurrent accelerated sessions, (1M total sessions)

•Switched-based session accelera-tion ensures minimal latency and network jitter when deploy-ing VoIP and streamdeploy-ing services •High port density for DMZs

(24 10/100 ports, four GBICs) in 2RU box

•Ability to offload CPU-inten-sive/NAT functions to the Switched Firewall Accelerator •Single System Image clustering

enables easy expansion and upgrades

•Plug-n-play provisioning elimi-nates need to discretely install and configure each firewall •Scalability: Up to 20K session

connections/sec per Director; up to 100K in a firewall cluster

$44,490

Incorporating the latest capabilities in application switching technology, the ASF 6414 is well-suited to address the challenge of today’s heightened corporate threat environment. The new platform offers improved port density and the processing power to perform application-layer inspection while ensuring firewall performance never impacts network throughput, even under the most demanding conditions, e.g., processing traffic with small packet sizes. Customers:Large enterprises and service providers needing to secure high-bandwidth traffic against increasingly sophisticated attacks.

Applications:Ensuring jitter-free traffic and low latency for enterprise VoIP, VOD (video on demand), and other streaming services

• Hosters, service providers, and large enterprises concerned with protecting against “flash crowds”

• Enterprises looking to consoli-date firewall security onto fewer devices

•Where support for secure voice and streaming applications is needed

•Where network growth and increasing demand for appli-cations is expected

ASF 6414

Part number: EB1639108 New

(3)

$51,990

The ASF 5714 is our top-of-the-line gigabit Alteon firewall solution, with the processing power, memory, and throughput to achieve maximum performance levels from the switch-accelerated firewall architecture and the integration of the Alteon Web switching platform, Check Point FW-1 NG, and Secure XL technology. With built-in firewall load balancing, health checking, and scalability. Customers:Large enterprises needing to provide and account for high bandwidth and differentiated client service.

Applications:Enterprise Intranet Virtual LANS, hosting, VoIP, VOD (video on demand) and other multimedia services.

•Hosters, service providers, and large enterprises concerned with protecting against “flash crowds”

•Where support for large number of virtual LANs to segment the corporate intranet is needed •Where network growth and

increasing demand for appli-cation security is expected

$43,990

Part number: EB1639116

The ASF 5614 is a high-performance accelerated solution, with the ability to support high-band-width applications and a large number of simultaneous users. With built-in firewall load balancing, health checking, and scalability.

Customers:Enterprise intranets/data centers interested in segmenting the corporate network into virtual domains, with specific policies applied to different groups, departments, etc. Applications:VoIP, with a focus on ensuring minimal latency for jitter-sensitive traffic.

•Large enterprises, supporting VLAN-segmented networks •Throughput is important, but

not typically associated with a very high number of simulta-neous users

•Where network growth and increasing demand for applica-tion security is expected

ASF 5714

ASF 5614

•High performance: 4.2 Gbps throughput and up to 500,000 concurrent accelerated sessions (1M total sessions)

•High bandwidth via 9 gigabit ports

•Single System Image clustering enables easy expansion and upgrades

•Plug-n-Play provisioning elimi-nates need to discretely install and configure each firewall •Scalability: Up to 20K session

•High throughput: 4.2 Gbps •Up to 170K accelerated

concur-rent sessions, 1M total •High bandwidth via gigabit

connectivity—9 GbE ports •Single System Image clustering

enables easy expansion and upgrades

•Plug-n-play provisioning elimi-nates need to discretely install and configure each firewall •Scalability: Up to 20K session

(4)

Alteon Firewall 5114 •Multi-gigabit stand-alone firewall appliance running Check Point NG

•Pentium 4 processor, running at 2.8 Ghz; 1.6 Gbps throughput

•Up to 8K session conns/second

•Up to 500K non-accelerated concurrent sessions

•VSX 2.0 support for virtual firewalls

•Quad gigabit connectivity, with dual fiber and dual copper ports

•Outstanding price/performance value, compared to competition

$15,995

•Medium- to large-size enter-prises or service providers

•Customers sold on the ASF architecture and value proposi-tion, but for whom a stand-alone solution that can exceed 1 Gbps is sufficient to address through-put requirements for specific segments of their network Accelerator 5400 +

Director 5009

$23,990

The ASF 5409 is an ideal perimeter security solution for medium-size enterprises or medium-size sites within a large enterprise. With built-in firewall load balancing, health checking, and scalability.

Customer:Enterprise call centers, looking for good throughput, with support for more simultaneous connections than the ASF 5114.

Applications:Call center clients, plus online interactive communications, e.g., VoIP, with a focus on minimal latency for jitter-sensitive traffic. With reasonable throughput, it is ideally suited to protecting IP PBXs in medium-sized enterprise networks.

•Enterprise environment where maximum throughput via gigabit connectivity is not an issue

ASF 5409

ASF 5114

The ASF 5114 is the top-of-the-line ASF “starter kit,” enabling customers to deploy a single Alteon stand-alone firewall and achieve multi-gigabit throughput and connectivity; with two 1000SX and two 10/100/1000 Mbps interface ports. Running Check Point FW-1 VSX 2.0, up to 250 virtual firewalls can be discretely configured to segregate customers or create separate domains within the corporate LAN.

Customer:Enterprises and service providers who have a need for a single high-performance firewall that can be flexibly deployed to protect one or multiple segments of their internal network. Also ideally suited to provide firewall protection at the perimeter, if the expected session load does not typically exceed 5,000 sessions/second under heavy traffic conditions.

Applications:High-performance complementary solution to the accelerated product offerings, providing

•Up to 600 Mbps throughput

•Up to 170K accelerated, concur-rent sessions, 500K total

•Fast Ethernet connectivity— eight FE ports, one 10/100/1000 Mbps port

•Single System Image clustering enables easy expansion and upgrades

•Plug-n-play provisioning elimi-nates need to discretely install and configure each firewall

•Scalability: Up to 20K session connections/sec per Director; up to 100K in a firewall cluster

(5)

The Alteon Switched Firewall 5106 is a platform refresh for the ASF 5105, with better performance at the same price. The Alteon Firewall 5106 is the lowest priced ASF solution, ideal for small enterprises, branch offices, or to protect network segments within a larger enterprise. The existing 5105 platform will be “manufacture discontinued” in Q204.

Customer:Enterprise CIO/IT administrators who appreciate the scalability inherent in the ASF architec-ture, but who need a very low-cost Check Point firewall solution in regional offices to protect internal resources and assets.

Applications:Ideally suited to complement the higher-end product offerings, providing firewall deployment flexibility, coupled with Check Point’s FW-1 NG security protection and features.

Alteon Firewall 5106 •Non-accelerated Check Point solution

•Up to 300 Mbps throughput

•Quad FE ports for DMZ connectivity

•Lowest ASF price point

$5,495

•Small- to medium-size enter-prises or branch offices in larger enterprises

•Price-sensitive customers who need a low-cost Check Point firewall for specific segments of their network

ASF 5106

Alteon Firewall 5109 $11,995

•Medium-size enterprises

•Price-sensitive customers already sold on the ASF architecture and value proposition, but who need a lower-cost alternative for specific segments of their network

•Great ROI, based on throughput

ASF 5109

The Alteon Firewall 5109, with a Pentium 4 processor running at 2.8 Ghz, provides robust high-performance throughput and deployment flexibility for the low-to-mid-range market. The 5109 is a stand-alone security appliance with a Check Point stateful inspection engine, offered at a very competitive price point. Customer:Enterprise CIO/IT administrators who understand the value proposition of the ASF architecture, perhaps having deployed an accelerated ASF solution at the Internet gateway, and want to deploy a cost-effective stand-alone solution with great performance in branch or regional offices to protect internal resources and assets.

Applications:Ideally suited to complement the higher-end product offerings, providing firewall deployment flexibility and scalability, coupled with Check Point’s FW-1 NG security protection and features.

•High-throughput stand-alone Check Point solution

•Pentium 4 processor, running @ 2.8 Ghz; 1 Gbps throughput

•Up to 8K session conns/second

•High bandwidth: gigabit connectivity—2 10/100/1000 ports

•Dual FE ports for DMZ connectivity

•Competitive price point

(6)

USA

In Canada:

Nortel Networks 8200 Dixie Road, Suite 100

Brampton, Ontario L6T 5P6 Canada

In Caribbean and Latin America:

Nortel Networks 1500 Concorde Terrace Sunrise, FL 33323 USA

In Europe:

Nortel Networks Maidenhead Office Park

Nortel Networks is an industry leader and innovator focused on transforming how the world communicates and exchanges information. The Company is supplying its service provider and enterprise customers with communications technology and infrastructure to enable value-added IP data, voice and multimedia services spanning Wireless Networks, Wireline Networks, Enterprise Networks, and Optical Networks. As a global company, Nortel Networks does business in more than 150 countries. More information about Nortel Networks can be found on the Web at:

www.nortelnetworks.com

For more information, contact your Nortel Networks representative, or call 1-800-4 NORTEL or 1-800-466-7835 from anywhere in North America.