Network security appliances today are dedicated, custom PCs that bundle a suite of security services, including a Deep Inspection Firewall, Virus Protection, Spam Protection, Intrusion Detection, Intrusion Prevention and Web Filtering. Such an appliance is often referred to as a 'God Box' because it bundles many security services in one dedicated device.

The benefits for the enterprise include a lower cost of ownership, because security is centralized rather than spread across multiple decentralized security services running on multiple servers, and higher performance.

Modern security appliances include a Network Processing Unit (NPU) to handle packet re-assembly, and an ASIC (Application Specific Integrated Circuit) or FPGA (Field Programmable Gate Array) that executes critical security primitives such as pattern matching (e.g. PCRE), decompression (e.g. zip files) and classifiers (e.g. Bayesian classifiers). With this architecture, network traffic can theoretically be analyzed at 'wire speed', meaning that analyzing the packets causes no performance degradation.
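The stage order described above (re-assembly first, then decompression and pattern matching) matters for detection, not only for speed. The following is an added software sketch, not code from any appliance or from the original page; the signature, sequence numbers, traffic and function names are all constructed for illustration.

```python
import re
import zlib

# Constructed signature and traffic; not taken from any real product or rule set.
SIGNATURE = re.compile(rb"X-Test-Signature: [0-9a-f]{8}")
MAX_INFLATE = 1 << 20  # cap inflated size so a compressed stream cannot exhaust memory

def reassemble(segments, isn):
    """Rebuild the byte stream from (seq, payload) pairs, as the NPU stage would."""
    stream, nxt = bytearray(), isn
    for seq, data in sorted(segments):   # tolerate out-of-order arrival
        if seq > nxt:                    # gap: bytes past it cannot be inspected yet
            break
        fresh = data[nxt - seq:]         # drop bytes already covered (retransmits, overlaps)
        stream += fresh
        nxt += len(fresh)
    return bytes(stream)

def inspect(stream):
    """Match the signature on the raw stream and on its bounded zlib inflation."""
    views = [stream]
    try:
        views.append(zlib.decompressobj().decompress(stream, MAX_INFLATE))
    except zlib.error:
        pass                             # not zlib data; raw view only
    return any(SIGNATURE.search(v) for v in views)

def per_packet_hit(segments):
    """Naive inspection: each payload matched on its own, with no re-assembly."""
    return any(SIGNATURE.search(data) for _, data in segments)

def stream_hit(segments, isn):
    """Appliance-style inspection: re-assemble first, then decompress and match."""
    return inspect(reassemble(segments, isn))

MSG = b"GET / HTTP/1.1\r\nX-Test-Signature: deadbeef\r\n\r\n"
# The signature straddles two segments, which arrive out of order with one retransmit.
PLAIN = [(1025, MSG[25:]), (1000, MSG[:25]), (1000, MSG[:25])]
ZIPPED = zlib.compress(MSG)
COMPRESSED = [(520, ZIPPED[20:]), (500, ZIPPED[:20])]
GAPPED = [(1000, MSG[:10]), (1030, MSG[30:])]  # bytes 1010-1029 never arrived

if __name__ == "__main__":
    print("plain, per packet     :", per_packet_hit(PLAIN))
    print("plain, re-assembled   :", stream_hit(PLAIN, 1000))
    print("compressed, inflated  :", stream_hit(COMPRESSED, 500))
    print("gapped, re-assembled  :", stream_hit(GAPPED, 1000))
```

The gapped flow reports no match because inspection stops at the missing bytes; a real engine would buffer and wait for the retransmission rather than pass judgement on a partial stream.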

Due to their custom architecture, network appliances run common security applications at higher throughput rates compared to traditional security software running on standard servers. I think by the end of the decade we will see all our favorite security applications running at multiple gigabit throughput rates on dedicated appliances.

Whether this trend will stop the rising tide of security breaches remains to be seen, however.
