Enterasys Networks is jumping into the multi-function security router business with three devices meant to compete against similar Cisco offerings.

The three boxes, called XSR-3020, XSR-3150 and XSR-3250, are targeted at a range of small to large sites, and initially include IPSec VPN support and a firewall. Later, the company plans to add intrusion detection as well.

The idea of these platforms is that they ensure the various functions will interoperate, making it simpler for businesses where there isn't enough staff or expertise to boost security. It also helps keep down the number of devices in the network. The downside is that customers take the firewall, intrusion detection and VPN that Enterasys chooses rather than picking the ones they find to be best.

The Enterasys VPN and firewall software are homegrown, as is the intrusion detection software that will be added by year-end. Also by year-end, the company will add voice over IP support that will enable session initiation protocol signaling to cross the firewall, something that is difficult to configure if the products are not integrated.

Combining security functions on a single device is a model adopted by other vendors including Nokia, NetScreen and Cisco. Enterasys wants to compete against Cisco directly and even says which specific Cisco boxes it is targeting: Cisco 2600, Cisco 3700 and Cisco 7000.

Depending on the model, the three Enterasys boxes support between 1,000 and 5,000 IPSec tunnels at a time. They support both site to site and remote access VPNs using the clients included in Windows 2000 and Windows XP PC software.

XSR-3150 costs $7,200 and XSR-3250 costs $10,000. Both are available in July. The XSR-3020 and XSR-4100 are planned for September and will cost $6,000 and $16,000, respectively.

Tim Greene is senior editor at Network World.