Readers vote on the best Intrusion detection and Prevention products in 2012: Network-based intrusion detection and prevention appliances, using signature-, behavior-, anomaly- and rate-based technologies to identify denial-of service, malware and hacker attack traffic patterns.
In this part:
Gold: IDP Series Intrusion Detection and Prevention Appliances, Juniper NetworksAfter a two-year absence, Juniper Networks reappears in the intrusion detection/prevention category with a gold medal for its IDP Series Intrusion Detection and Prevention Appliances. The networking vendor previously earned a gold medal for the same product in 2009. This time around, readers gave the IDP Series high ratings for its ability to effectively and accurately detect, prevent and/or block attacks and suspicious activity, the frequency of signature updates and response to new threats, its reporting and alerting functionality, and vendor service and support.
The IDP Series uses stateful signature detection as well as protocol and traffic anomaly detection to help protect networks against both known and unknown threats. According to the vendor, the appliance's application-layer intelligence helps reduce false positives and increase throughput. The appliance examines traffic in the context of an application, enabling it to identify the signature pattern at the location where an attack can occur.
The product also provides application awareness/identification, application policy enforcement and application volume tracking, which allows administrators to observe how much bandwidth an application is using.
Expert's market reflection: "Application visibility and control has blurred the lines between the IPS and firewall appliance markets. While large enterprises will likely continue to use both next generation firewalls and IPSes, medium-sized enterprises are more likely to select one or the other." -- Paula Musich, principal analyst, Current Analysis
Silver: Sourcefire IPS, Sourcefire
Winning the silver this year was Sourcefire IPS, which is now called Next-Generation IPS (NGIPS). Readers rated the product highly for effectively and accurately detecting, preventing and blocking attacks and suspicious activity. They also praised Sourcefire's frequency of signature updates and response to new threats.
NGIPS includes real-time network and user awareness for enhanced visibility and automation. Optional Control Licenses can expand the product's capabilities to add application and user controls as well as additional functionality.
Bronze: McAfee Network Security Platform, McAfee
Readers awarded the bronze to McAfee Network Security Platform, giving the product high scores for effectively and accurately detecting, preventing and blocking attacks and suspicious activity. The product also received high ratings for frequency of signature updates and ease of installation, configuration and administration.
McAfee Network Security Platform combines a single-pass, protocol-based inspection architecture with purpose-built hardware to provide multi-gigabit performance. The product combines advanced threat prevention and application awareness and correlates threat activity usages through Layer 7 visibility.