Nortel Switched Firewall 6624
June 10, 2005
- Ease of Use:
- Value for Money:
- Overall Rating:
Flexible and fast firewall system.
An incredibly fast unit, but the documentation needs work to make it easier to configure.
Nortel's whole approach to security is different to the other manufacturers on test, as this bundle incorporates two products: the 6600 Accelerator and the Director 5024 firewall.
The firewall itself is the same specification as the existing 5014, except that it features a VPN accelerator as standard.
As with Nokia's IP380, the 5024 uses Check Point's Firewall-1 NG to filter traffic. Again, this gives a neat differentiator between managing the hardware and software – some administrators can be given access to the web-based management for physical hardware management, while Check Point's console leaves security to other managers.
It features the excellent Firewall-1 security. With two copper and two fiber SX Gigabit Ethernet ports, this is a powerful firewall in its own right.
But it is the Accelerator 6600 that makes the real difference. Installation is very similar to the Director – we had to use the CLI before administering the hardware using the web interface. This is more difficult than it sounds, as the documentation is spartan and difficult to follow.
Once it has been configured, the Accelerator 6600 sits before the 5024 and accelerates traffic by offloading work from the firewall. It performs deep inspection on all incoming packets at wire speed, preventing attacks and unauthorized traffic. Up to 224 filtering rules can be put in place, denying traffic by application type, protocol and source/destination IP address. According to Nortel, this offloading leaves the firewall to deal with core security concerns and provides throughput of up to 7Gbps. And because six firewalls can be connected to two accelerators, this is a flexible product for increasing throughput, particularly for critical systems such as web applications.
But it does increase the burden of management, because you must manage an additional box and your existing firewall, and generate a new range of filtering tools. Also, the accelerator will only work with Nortel firewalls.
The confusing and bare documentation means it takes time to get used to. But once past that, this is a fast, modular solution that will be of particular use to those needing high throughput.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- Same fate befalls Post Office broadband as hit DT?
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Former Expedia IT employee admits to hacking execs from the inside
- Cyber-insurance: What will you be able to claim for and is it worth it?
- Levelling the playing field against targeted attacks
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime
- IoTSF conference: EU should become de facto regulator