|
|
|
|
|
|
|
|
|
||
| internet.commerce | ||
|
Partner With Us |
Intrusion
Detection Systems:
Crossbeam Systems
Crossbeam's X-Series Security Platform is designed to provide a security architecture in a box.
[January 21, 2009] |
 |
Crossbeam Systems was founded back in 2000 to offer what company chief marketing officer Jim Freeze describes as a security architecture in a box. "We consolidate a significant amount of not only appliance infrastructure that's used to run security applications, but also network infrastructure like switches and load balancers, patch cabling, all of that into a bladed chassis solution," Freeze says.
The point, Freeze says, is that Crossbeam never set out to be a security software company. "Instead, what we wanted to do was to provide this highly scalable, consolidated and virtualized platform that would allow companies to choose a best in class software vendor for various security functions," he says. "So if you want Check Point for your firewall, no problem. If you want IBM ISS for your intrusion prevention system, no problem. If you want Trend Micro for your content gateway, we support it."
|
Crossbeam
Systems |
 |
Freeze says the resulting platform is particularly popular among service providers, with Crossbeam serving 11 of the world's 15 largest telecommunications carriers.
"They use it to provide security services for their internal IT infrastructure, and, increasingly, companies like BT are using Crossbeam to deliver managed services to their customers—a managed best-in-class firewall that's managed inside the BT infrastructure, inside the BT cloud, and delivered to the customer premise," he says.
The security platform
Crossbeam's primary offering is the X-Series Security Platform, available in two versions—a seven-slot chassis and a 14-slot chassis—which support three different types of blades: a network processor module, an application processor module, and a control processor module.
Each network processor module can support 10 Gbps of IP forwarding capability, while each application processor module replicates the computing power of an appliance. "We can do up to 10 of those blades in a single chassis, and they can all act as one large processor, or we can split the blades up among different security applications," Freeze says.
"So you might have two or three blades operating as a firewall, and three or four blades operating as an intrusion prevention system, all running on the same chassis." The third type of blade, the control processor module, manages the chassis as a whole.
"If a blade happens to fail, it has the ability to swap another blade in, in real time, to take its place," Freeze says. "It monitors the overall health of the chassis and applies ISV software to the blades."
Operating system
Freeze says much of the "secret sauce" of Crossbeam's offering lies in its operating system. "It's an open, secure, Linux-based operating system that supports a broad array of third party ISV applications. While we sell a hardware platform, the majority of our R&D actually goes into software development, into our operating system," he says.
It's the operating system, Freeze says, that allows multiple blades to act as one, supporting (and simplifying) linear scalability of security services. "If you've got two blades, as an example, running a firewall, and you want to double the capacity of that firewall, you simply stick two more blades in and you're done," he says. "You've doubled the capacity without having to mess with the network infrastructure at all."
Another key strength, Freeze says, is the ability to have multiple security applications running on the same chassis and handing traffic off to each other as if there were physical network infrastructure in place between them. "Essentially, it's the ability to hand traffic off at Layer 2 or Layer 3 between security applications—and it allows for policy enforcement consistent with the company's policy," he says.
Pricing and managed services
Pricing for Crossbeam's products varies depending on the configuration. "A typical configuration, where a customer's buying a chassis and some blades, could be anywhere from $100,000 all the way up to, if it's fully loaded, $300,000 or $400,000. But we find that we're very good at demonstrating the total cost of ownership associated with our solution versus the traditional appliance model," Freeze says.
"It's typical for our customers to see anywhere from a 15- to a 20-to-one consolidation of physical devices into our chassis, with plenty of room to grow. And it's typical to see at least a 50 percent savings in power and cooling, just because you're not powering 20 devices—you're powering one device."
That can be particularly attractive, Freeze says, for an ISP offering managed services. "Think about the ability to put in a bunch of blades and be able to support virtual firewalls on a consolidated chassis and provide an in-the-cloud managed firewall service to end users that's based on best-in-class software. That's a very compelling value proposition for the customer as well as for the carrier," he says. "It's easier for them to manage, it costs less for them to manage, and it scales much better."
— End
Online Resources:
Intrusion
Detection Systems Directory
IDS
Quick Reference Chart
| Related articles: | ||
| [Dec. 24, 2001] | White Paper: Reducing Network Security Risk | |
| [Sept. 25, 2001] | Physical Security Augments Logical Security | |
| [July 11, 2001] | ISP-Planet Survey: MSSPs | |
ISP-Planet's
RSS feed
The Network for Technology Professionals
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers
Webcasts
|
Webcast: Connecting PHP to Microsoft Technologies Video: Windows Azure Debugging Tips |
MORE WEBCASTS, PODCASTS, AND VIDEOS |