Crossbeam Systems is the closest thing I’ve found to what is – at least tentatively — my vision of the appliance future. It offers a blade-based computing box that differs from standard boxes in the same direction that appliances typically do. I.e., Crossbeam systems boast beefed up networking, maybe some beefed-up reliability as well, and maybe other beefed-up security processing in the future. Then they offer a software infrastructure (virtualization, robustness, etc.) to let various pieces of software – in Crossbeam’s case, security and security-like tools – run on the box.
The company seems to be doing well. It was founded with a focus on telecom carriers, but gets 40% of its business from enterprises (post-bubble strategy shift). Privately held, it claims many hundreds of customers, with lots of repeat business. There seems to be an analyst study ranking them extremely highly for the high-end of the market. Check Point mentioned Crossbeam to me in the same breath as Nokia as one its two principal revenue sources among appliance partners, which is impressive because the Check Point/Nokia combination goes back to very early days. It also suggests that Crossbeam is selling a lot of stuff.
According to my notes, there are four major components to Crossbeam’s chassis-based products:
- the chassis itself;
- network processing modules (NPMs), for load-balancing and the like;
- control processing modules (CPMs), and
- application processing modules (APMs).
(Actually, I’m not too clear on whether it’s “processing” or ”processor” in those names; indeed, I’m not 100% sure they’re firm on the point themselves …)
NPMs, CPMs, and APMs are all separate blades; in fact, they can be bought separately, potentially with various software products already loaded, if you already have a Crossbeam chassis. Each incorporates a Crossbeam networking-oriented FPGAs. The NPM itself has further FPGAs (I’m not sure what they’re used for). Next-generation product plans incorporate a 16-core MIPS security processor (I’m not sure in which modules). Except for these components, the modules seem to be fairly generic Intel-based blades.
Crossbeam’s choice of specific software partners is probably the least interesting aspect of the story. It’s biased towards traditional industry leaders who haven’t committed to an appliance strategy themselves, notably Check Point, ISS, Sourcefire, Trend Micro, Websense, and Optinet. However, it’s not a strict best-of-breed list. For example, the French defense agencies don’t like to buy from Israeli vendors, and hence Crossbeam supports a couple of no-name Gallic firewalls as Check Point alternatives.
Crossbeam claims that lack of management integration among these point products is not a competitive problem, since it sells to customers large enough that different individuals management different aspects of security and networking anyway. In fact, separation of duties and hence privileges is a best practice for maximum security.