BOSTON--Bell Labs’ proprietary operating system is just one of the famous R&D labs’ innovations behind two new products introduced this week by Lucent Technologies at Fall 2006 VON: VPN Firewall Brick 700 and the VPN Firewall Brick 1200 for large enterprises and service providers.

By incorporating firewall and fast packet requirements directly into its operating system, Bell Labs was able to boost the high-performance packet handling and deep packet inspection capabilities of the two products.

Built for large enterprises and service providers both, the firewalls include built-in denial-of-service protections, hardware-based IPSec VPN acceleration, and best-in-class benchmarking at what Lucent is calling a significantly lower price point than most similar products.

Designed to support real-time, latency-sensitive IP-based multimedia services such as VoIP and IP videoconferencing, the new Bricks use Dynamic Pinholing, a key innovation in firewalling that uses Layer Seven Filtering to recognize IP communication packets and dynamically open ports on the system to move the packets only between the initiation point and the endpoint, closing the ports when the call is terminated.

“It provides an extra layer of invulnerability,” said Joseph Raccuglia, general manager of Lucent VPN Firewall at Bell Labs.

To ensure customers’ ability to manage their new firewall products, Lucent also introduced a new version of its Security Management Server. Version 9.1 allows network managers to control thousands of VPN/firewall devices and hundreds of thousands of concurrent VPN tunnels from a central location without having to access the box to configure it or make changes.

“That means there’s no Telnet ports or back doors. There’s no way for hackers to find the box on the network,” Raccuglia said.

The Lucent Security Management Server uses a new Bell Labs-developed feature called Rules Based Routing that enables the Lucent VPN Firewall Brick to perform routing based on protocols and then forward the packets to the appropriate third party security appliance based on traffic type.

“You only need to redirect that specific traffic those devices care about,” Raccuglia said.

The new products feature integrated high-speed VPN, VoIP security, VLAN, Packet Data Gateway and virtual firewall capabilities, as well as built-in IDS/DoS protection. They also offer an intrinsically secure, transparent Layer-2 bridge; central staging and secure remote management.