 
|
|
In partnership with:
24 September 2004 Combination tools to oust point productsIDC has predicted that multi-function security appliances will have pushed out single-job firewall and VPN appliances by 2008. Adam Stein, VP corporate marketing at Fortinet, a multi-function appliance supplier, welcomed IDC’s finding that “firewall and VPN revenues are flat and going down”. In four years time they will have declined from 93.4% to 42.4% of the security appliance market. This is good news for Stein’s company, the current 'unified threat management' sector leader in IDC's view. The company has nearly 30% market share in this new category, representing sales of $30.9m. Meanwhile, Symantec has 22.9% market share, Secure Computing 21.7%, and Netscreen 5.9%. "There are others getting into the multi-functional area”, said Stein, citing Cisco’s bundling of Trend Micro and McAfee’s acquisition of Intruvert as examples. “But ultimately they are all trying to build a unified threat product from third party offerings that were never meant to co-exist”. "The problem that a lot of other appliance vendors face is that while you may be able to do one application at a reasonable speed, once you start to add other applications your speed degrades unacceptably. Fortinet, established by Netscreen founder Ken Xie in 2000, provides ASIC-accelerated, network-based antivirus firewall systems that work in real-time. Its FortiGate antivirus firewalls are, uniquely, ICSA certified for anti-virus, IPSec, firewall, and intrusion detection. However, ICSA has no multi-functional certification programme as such. Last week, UK IT consultancy Detica launched a new company to counter spam and malware at the public internet level, taking a similar high-speed chip approach to Fortinet’s. Simon Gawne, CEO of the new company, StreamShield Networks has said that Fortinet’s anti-malicious content technology is too static. “The threat-detecting rules written into the algorithm on an ASIC cannot be dynamically changed. We use a Field Programmable Gate Array that allows the silicon to be reprogrammed, as new threats come up. Nobody out there has built this scale of system with the flexibility of the FPGA chip design”. Stein counters: “the FPGA approach is the right idea conceptually and gives some performance benefits, but the cost implications make it the wrong idea. What we are doing is building an ASIC that gets upgraded by the FortiOS firmware. Detica’s approach is interesting, but will it scale?” Meanwhile, the supplier has launched its FortiGate 5000 series, which it has billed as the first to comply with the Advanced Telecom Computing Architecture standard, driven by Intel.
|
|