Open source may have taken another step in becoming a considerable alternative to the old guard for enterprise routing.
Linux-based router maker Vyatta this week unveiled the latest release of its open source routing software, which combines firewall and VPN capabilities and delivers twice the performance of proprietary systems at half the price, the company says.
Vyatta Community Edition 3 (VC3) adds IPSec VPN, multi-link PPP, and BGP scaling and security above and beyond the features included in VC2, which was released in February. Vyatta is planning to issue a new release of its routing software every six months.
Since its debut in February 2006, Vyatta's network software has been downloaded nearly 100,000 times, the company says. Like other Linux and open source programs, VC3 runs on commodity x86 hardware, which allows for low cost purchase and implementation , proponents say.
Open source systems also ostensibly enable a wider range of applications to be developed and executed for those platforms due to the "open" accessibility of the operating system source code and APIs.
Where the rubber meets the road, though, is in price/performance, Vyatta and other open source advocates claim. Freely available operating system software running on commodity hardware can provide the same or better level of performance as proprietary, highly optimized and integrated system at much lower cost, they say.
Vyatta, for example, says its router, running on an obsolete Intel Celeron processor, can provide twice the performance at half the price of Cisco's 2821 Integrated Services Router (ISR). Vyatta adds its routers can go toe-to-toe with -- even replace -- Cisco routers in the 1800 to 7200 series range, which covers small and midsize businesses up to Fortune 500 companies.
The larger the company, however, the more squeamish the user is to entrust the environment to open source, analysts say.
"They make some compelling arguments ... but the software's still immature and there's just a huge confidence gap that has to be overcome," says Steve Schuchart of Current Analysis. "In order to compete with somebody like Cisco -- if you're not even to the point where you can offer 24/7 support you're pretty much out for most enterprises."
Undaunted, Vyatta soldiers on with VC3. The IPSec VPN capability in VC3 supports dedicated site-to-site, branch-to-branch or branch-to-headquarter VPNs and a range of cryptographic algorithms, including 3DES, 128- and 256-bit AES, MD5 and SHA1. In addition, IPSec VPN can now be configured in a cluster of multiple Vyatta units with failover mechanisms to provide high availability, the company says.
The Multi-link PPP capability is designed to let customers increase WAN bandwidth by using multiple low-speed circuits -- typically T-1 links -- in parallel instead of a more expensive T-3 upgrade.
BGP scaling and security enhancements include faster routing convergence with many peers; and MD5-based neighbor authentication. Per-BGP peer policy support is designed to let users control route propagation, and new monitoring and troubleshooting commands are intended to ease management of Vyatta routers.
VC3 is available for download from Vyatta's Web site. Subsequent VC releases may include IDS, antivirus/antispam, load balancing and SSL VPN support to give users further reasons to reconsider a Cisco ISR.