This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."
Download it now to read this article plus other related content.
Network-based intrusion detection/prevention
TippingPoint Intrusion Prevention Systems
Say "network intrusion prevention" and the name TippingPoint almost surely will come up. Its powerful range of high-performance appliances has established the company's strong position among signature-based IPS vendors. Readers' Choice respondents backed that reputation, awarding TippingPoint Intrusion Prevention Systems appliances gold in a highly competitive category.
Readers gave TippingPoint high marks across every IPS criteria. In particular, it stood out for its ability to effectively and accurately detect and stop malicious traffic, frequency of signature updates and response to new threats, and the ability to tune the appliances to reduce false positives.
Using custom ASICs, high-performance processors and a 20 Gbps backplane, TippingPoint IPS is known for low latency, critical for detecting and/or blocking threats without false positives and without slowing traffic, especially in QoS-sensitive environments.
TippingPoint IPS complements its signature-based detection with strong network features, enabling traffic classification and rate shaping.
NOTABLE TippingPoint is at the center of controversy in Bain Capital's takeover of parent company 3Com. TippingPoint may be sold to appease regulators and facilitate the sale.
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco's line of versatile 5500 Series Adaptive Security Appliances is an appealing platform for the network infrastructure giant's IPS capabilities, earning Cisco the silver in a market featuring a number of pure-play dedicated appliances.
Cisco's IPS was a close second among Readers' Choice respondents, who gave it particularly high marks for effectiveness, update frequency, integration with network defense and management tools (no surprise considering Cisco's dominance on the network) and vendor service and support.
Adding Cisco's IPS module to the 5500 series combines signature-based intrusion prevention to a platform known for its top-shelf network firewall/VPN capabilities, built on Cisco PIX.
Organizations can use the IPS risk rating feature to base alerts and automated action on business-specific criteria, such as asset sensitivity.
Cisco-dominated shops benefit from the use of Cisco Security Manager to administer all Cisco security products from a central console.
NOTABLE Cisco is phasing out its venerable PIX firewall products, which it will continue to support for several years, in favor of the 5500s.
This was first published in April 2008