Network Appliances Information
Network appliances are inexpensive personal computers (PC) or computer boards that provide Internet access and promote network security. They lack many of the features of fully-equipped PCs, however.
Network appliances are often used for:
- network admission control (NAC)
- firewall security
- virtual private networks (VPN)
- traffic management functions
Some products are used as web servers, cache servers, or file servers. Although most network appliances are not as powerful as a server or dedicated PC, these network devices combine processing power and memory with software and a communications interface.
Scalability should be considered when selecting devices for computer networks. Specialized products called network backup appliances have all of the hardware and software needed for data backup, archiving, and disaster recovery activities. Network appliances that are used for security applications typically provide routing, firewall, and VPN features. Often, these network security devices are housed in a campus data center or other secure on-site or off-site location. Performance specifications include:
- firewall throughput
- maximum firewall connections
- maximum firewall connections per second
- packets per second
- maximum VPN throughput
- maximum site-to-site and remote access VPN sessions
Maximum and bundled secure socket layer (SSL) VPN user sessions are also important parameters to consider. Additional specifications for network appliances include device memory, minimum system Flash memory, the number of integrated ports, and the maximum virtual interfaces for virtual local area networks (VLANs).
Network appliances differ in terms of expansion capabilities and features. Some products provide service switching point (SSP) expansion or support. Within a signaling system 7 (SS7) network, SSPs serve as switches for a telephone central office. Expansion capabilities may also include intrusion prevention and concurrent threat mitigation. Features for network appliances include proprietary software, application-layer firewall services, layer 2 transparent firewalling, security contexts, and high-availability support for active/standby (A/S) and/or active/active (A/A). GTP and GPRS inspection, SSL and IPsec VPN services, and VPN clustering and load balancing are also available. GPRS Tunneling Protocol (GTP) is a set of IP-based protocols used with General Packet Radio Service (GPRS). Network appliances may also support Internet Protocol Security (IPsec), which authenticates and encrypts each IP packet in a session.
ChrisDag / CC BY 2.0