Broadcom Secures Enterprise Networks

Latest StrataXGS® III Gigabit Ethernet Switches Enable Network Admission Control and Support Microsoft's Network Access Protection Policy Enforcement Technology

Broadcom Corporation, a global leader in semiconductors for wired and wireless communications, today announced a new generation of multi-layer Gigabit Ethernet (GbE) switches designed to improve enterprise network security through a highly scalable and easy-to-manage security infrastructure. This latest generation of Broadcom StrataXGS III Gigabit Ethernet switches features new BroadShield security technology, which enables network admission control (NAC) and supports Microsoft's Network Access Protection policy enforcement technology to achieve dramatically improved network security and manageability when compared to existing solutions.

Network security is one of the top concerns for enterprise IT network managers, given the prevalence of hacking, malware and inside security threats, as well as, the need to comply with government regulations. It is a challenge to implement security profiles for one user, let alone an enterprise network with hundreds, or thousands, of users. Additionally, IT professionals prefer standards-based solutions (versus proprietary solutions) to ensure interoperability between multiple hardware and software vendors. As a result, next-generation switching solutions must keep pace with the ever changing security threats in enterprise networks, and the underlying security infrastructure must be cost-effective, as well as easier to implement and manage.

Announced today is the Broadcom StrataXGS III BCM56510 series of multi- layer Gigabit Ethernet switches, a follow-on series to the company's widely deployed BCM56500 series. All products in the BCM56510 series are equipped with BroadShield security technology, a multi-layered security framework that includes a robust set of standards-based features to dramatically improve security while delivering unmatched scalability. The key security features include standards-based authentication, user quarantine, denial of service (DoS) attack prevention, 'man in the middle' attack prevention, spoofing prevention, and support for advanced access control lists (ACLs).

"The breadth of security features in Broadcom's BroadShield technology addresses our customers' needs for a more robust and scalable enterprise security infrastructure," said Eric Hayes, Director of Marketing, Broadcom Enterprise Switching line of business. "Broadcom is setting the stage for standards-based networks where endpoints and switches can interoperate in today's complex multi-vendor environment."

Through BroadShield technology, Broadcom's new BCM56510 series of GbE switches is designed to support Microsoft Network Access Protection. Network Access Protection is a policy enforcement technology built into the Windows Vista and Windows Server, codenamed "Longhorn" operating systems that allows customers to better protect network assets from unhealthy computers by enforcing compliance with network health policies. Microsoft's Network Access Protection technology is publicly available with trial versions of Windows Vista, and available to select partners and customers with Beta 2 of the future version of Windows Server, codename "Longhorn."

"Standardization of network security is a topic that needs to be addressed, pairing the hardware at the chip level with the software that runs the network," said Mike Schutz, Group Product Manager - Security and Access, at Microsoft Corp. "Broadcom is one of the companies that is laying the groundwork for standardization by developing new technology that will support Microsoft's vision for network security."

The BCM56510 series, with BroadShield technology, also enables network admission control (NAC), which governs how security policies are enforced on any device on the network with the goal of minimizing the damage from emerging security threats. IT managers employing NAC have the ability to control network access for any client that accesses the network (for example, a PC, PDA or other endpoint device), granting the appropriate level of access based on the classification of the endpoint device.

"Integration of security into hardware will significantly enhance performance and lower costs while ensuring the integrity of the network infrastructure," said Chris Crowell, EVP Research & Development, Enterasys Networks. "Broadcom's new switch silicon enables us to cost-effectively further our integrated hardware and software developments to automatically sense and respond to network security threats in a way that is practical, achievable, and delivers rapid time to value" - Broadcom.