Hewlett-Packard’s ProCurve division has added a security module for its two zl-series chassis switches, a move one industry analyst says significantly improves its data centre offerings.
The Threat Management Services Module (TMS) adds firewall, VPN and intrusion detection/prevention into the 5400 edge and 8212 core switches, eliminating the need for separate appliances in data centres with these units.
“This is a very easy way to integrate this functionality into your switch-chassis,” said Corey Copping, product marketing manager for ProCurve Canada.
At the same time the company said its ProCurve Manager Plus network management software and three software plug-ins are being upgraded.
The TMS module is similar to the ProCurve One modules announced earlier this year in that it plugs into the 5400 and 8212 switches.
The addition of the TMS module is “potentially game-changing” and another sign that ProCurve wants to become bigger in data centres, said John Kindervag, a senior security and risk management analyst at Forrester Research. Cisco Systems and Juniper Networks are other networking equipment manufacturers that are increasingly tailoring switches for data centres. However, Kindervag said that unlike others, HP understands that switches are becoming commodities – “routing and switching isn’t that hard” – and therefore management of devices is increasingly important.
ProCurve’s importance in the data centre will only increase thanks to last year’s US$14 billion purchase of EDS, he said. Not only is EDS a big user of servers and switches, it’s also a reseller of hardware to others.
To expand control over ProCurve switches, the company has integrated wireless management capabilities it gained from the purchase late last year of Colubris Networks into ProCurve Manager Plus,Copping said. Those capabilities have also been added to the 3.0 releases of software plug-ins to the suite, which are Mobility Manager (for managing wireless LANs), Network Immunity Manager (which expands internal threat detection) and Identity Driven Manager (which lets network administrators provision access).
These three software plug-ins are sold separately, with the price bases on the number of devices on the network. Coming shortly is the last Colubris module to be integrated into the management suite, Copping said, which will mark the total absorption of that company’s products into ProCurve.
The TMS modules come in two types: The $21,249 version with firewall and VPN, while the $24,499 version adds intrusion prevention plus a one year subscription for updates.
The stateful Level 3 firewall filters traffic crossing all VLAN boundaries with 3Gpbs throughput. The VPN has remote and site-to-site functionality with 300Mbps throughput. The intrusion prevention side uses signature-based detection both inline and offline, and offers up to 1.5Gbps of aggregated throughput.