In what amounts to the first tangible fruits of its acquisition of the Gauntlet firewall from Network Associates nearly a year ago, Secure Computing on Tuesday announced a new "hybrid" firewall and an appliance for managing hundreds of distributed firewalls.

The new Sidewinder G2 Firewall is built on Secure's hardened version of Unix, SecureOS, and supports both stateful inspection firewall techniques as well as application layer filtering. It also supports virtual private network capabilities.

Application layer filtering enables the G2 to compete with products meant to thwart intrusions that target Web applications, such as with long URLs that can result in intruders gaining root access to servers. G2 now inspects all packets to ensure they are properly formed, supports application proxy capabilities and offers settings to limit URL lengths, perhaps disallowing any URL longer than the longest one on a customer's Web site.

Secure will offer six models of the G2, from the 1U Model 25 to the 4U Model 4000, which supports more than 15,000 new sessions per second and more than 1 million connections, which is a new high for a Secure firewall.

The new firewalls are also intended to be easy to deploy, says Paul DeBernardi, director of product marketing for Secure firewalls and content filtering products.

"They can be deployed by someone with no security expertise at all, be up and running in seven minutes, and managed from anywhere in the world," he says.

Secure's new management appliance, dubbed the Sidewinder G2 Enterprise Manager, is also built on the company's SecureOS Unix. DeBernardi says it is impossible for an intruder to hack into a SecureOS machine and gain root access, an important attribute in a management system.

"That's where your policies, rules and crypto keys are stored, where people look to perform audits," he says. "The management system really holds the corporate jewels. We make sure we lock the central system down so it will not be compromised and nobody can modify the data."

At the same time, Enterprise Manager offers a single point for policy management, audit log and configuration backup for a network that may contain hundreds of distributed firewalls. Among its key features is the ability to write one generalized policy and have it automatically localized to all the distributed firewalls. A rule to allow access to a Citrix server, for example, would be fleshed out on the local level with the IP address for the nearest Citrix server, obviating the need for all those addresses to be entered manually.

Enterprise Manager is available in a 1U format that costs $15,900 and is capable of managing up to 10 firewalls, as well as a 2U format that costs $31,900 to $79,900 and can manage from 25 to more than 400 firewalls. The G2 firewalls range in price from $5,360 for the Model 25 to $94,900 for the Model 400.