Posted: 3 Min ReadProduct Insights

Symantec Enterprise: It’s Time to Shift the Appliance Paradigm

Introducing the new Secure Web Gateway

Appliances that consolidate hardware, software and networking into a single device have delivered both economy and ease-of use for the past decade and more. From their inception, appliances constituted a paradigm shift, doing away with separate compute, storage and networking devices with their distinct management requirements. Now, however, it’s time for the appliance paradigm to be shifted - again. Why?

Very simply, the cloud era has brought about unprecedented change. By enabling the use of computing capacity, storage and applications on-demand, the cloud delivers savings, ease of use and scalability, freeing up IT staff to focus on innovation for competitive advantage, rather than device configuration and software license management. Most important for many organizations, the cloud shifts the capital expense of hardware to the operating expense of a service, used only as needed.

Building on our previous-generation ProxySG technology, this new platform protects organizations across the web, social media, applications and mobile networks

At Symantec, a division of Broadcom (NASDAQ: AVGO), we are responding to the age of the cloud with our new Secure Web Gateway (SWG) solution that provides deployment flexibility, either as an appliance, in virtual environments or in the cloud. Building on our previous-generation ProxySG technology, this new platform protects organizations across the web, social media, applications and mobile networks. But the key innovation in this paradigm-shifting appliance is the decoupling of hardware and software, which enables customers to benefit from a capex model for hardware and an opex model for software.

Because the hardware and software are separate, you can purchase and deploy a hardware appliance now and deploy it as a virtual appliance or in the cloud under the same software license later. You can even move to an entirely cloud-based implementation when the time is right. In short, your investment is future-proofed.

Why such a hybrid or blended approach, rather than cloud-only? In some industries, such as financial services, companies don’t want to put all their data and traffic in the cloud. Although they might contemplate increased cloud usage with AWS, Google or Microsoft Azure, compliance requirements often dictate that critical data remain under their control on their own premises. There are other reasons for a blend of on-prem and cloud as well. For example, the cloud, because of its minimal support requirements, might be best for remote offices, while on-prem equipment might better serve headquarters. The new licensing model covers both implementations.

New SSP-S410 HW Platform
New SSP-S410 HW Platform

Performance Boost Addresses Rise in Encrypted Traffic

Within this new, flexible appliance paradigm, our SWG is gaining a significant performance increase. While higher performance is always welcome, the rise in encrypted traffic makes this increase absolutely necessary because encrypting and decrypting traffic demands significant processing power. According to this Google Transparency Report, encrypted traffic across Google is approximately 95%, and Google would like to see it reach 100%.

Although encryption is implemented to protect the content of data streams, that very encryption can mask malware, allowing it to penetrate an organization. The high level of encrypted traffic and the need to discover malware within it calls for a paradigm shift in SWG performance.

This new SWG hardware increases performance in a much smaller footprint by replacing four two-unit appliances with a single one-unit appliance – an 8x improvement in usage of rack space. In addition, it delivers 5Gbps throughput, a 200% increase, and 350,000 connections per appliance, a 150% increase.

Within this new, flexible appliance paradigm, our SWG is gaining a significant performance increase.

The new hardware lowers the requirements for rack space, electrical power, cooling and management, while providing the kind of processing muscle you need to gain full visibility, inspection and protection against threats hiding in encrypted traffic. With flexible hardware and software licensing, you can adjust and scale as needed to meet the challenge posed by encrypted traffic.

Before I close, I should mention the kind of R&D investment it takes to bring about a paradigm shift of this nature. Symantec Enterprise Division (SED) has always been technology-focused and now that SED is backed by Broadcom we are even more so. Broadcom invests 20% of its revenue in R&D. That’s the kind of commitment that makes this SWG paradigm shift possible.

So, consider your needs. If a SWG hardware appliance is all you need, this new hardware will deliver compelling performance to meet the demands of today’s encrypted web traffic. If a combination of on-prem appliance and cloud-based service is the answer, then Symantec delivers an unrivaled value proposition. And if an all-cloud alternative is in your future, Symantec will have you perfectly positioned. In the new SWG appliance paradigm, the same software license covers all your deployment options.

Symantec Enterprise Blogs
You might also enjoy
4 Min Read

The Cyber Security Platform Shift – More Secure, Less Complex

How Symantec Enterprise’s Integrated Cyber Defense reduces the integration burden on customers in a fast-changing security world

Symantec Enterprise Blogs
You might also enjoy
3 Min Read

Symantec Enterprise Is Doing It Right

The industry is paying attention

About the Author

Alan Hall

Director of Product Marketing, Symantec Network Information Security

Alan is responsible for the product marketing of key products in Symantec’s network security portfolio and has over 20 years of experience with networking and security technology leaders.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.