Switching made smarter - Next-generation switches draw on packet inspection to improve service, bolster security, and optimize bandwidth.(Product Announcement)

As SSL acceleration and load-balancing technologies have matured, the locus of their operations has moved from the server to network devices. And established vendors such as Cisco Systems have integrated the functionality of these technologies into their application switches. Now, packet inspection is giving birth to a host of new capabilities, including rate limiting, QoS (quality of service), and security functions, thanks to even deeper content-and application-awareness.

The promise of packet inspection has drawn the attention of both startups and existing switch vendors. For example, Vernier Networks -- a Mountain View, Calif., company spun off last year from Palo Alto, Calif.-based Packet Design -- has developed a special-purpose edge switch that effectively allows a network administrator to provision users based on a wide set of policies. Using what the company calls a Packet Inspection engine, Vernier's AM 6000 Access Manager platform increases security and control by inspecting and filtering packets at high speeds, based on any packet-level attribute.

Salt Lake City-based startup Forum Systems is also in deep with packet switching. The 1-year-old company's Sentry 1500 appliance is designed to provide security in the world of Web services. Through packet inspection and proprietary software techniques, the Sentry 1500 is able to add selective encryption to XML data in transit, thus ensuring the data is secure and cannot be read while it passes through the server. Mamoon Yunus, CTO of Forum Systems, fully expects this type of technology to be found one day in switches, although it is just now being pulled from the …