It's hard to imagine an organization with a greater need for multi-gigabit intrusion prevention than SoftLayer Technologies. The Plano, Texas-based provider of Web-hosting and on demand data center services houses some 15,000 servers, and is adding another 1,000 every month.
"You can probably refer to us as the Petri dish of the Internet," said Sean Charnock, SoftLayer's vice president of business development. "We have 5,000 clients from 200 countries being hit by all sorts of security breaches. It's not like a corporate environment with dedicated, simplified segments. It's not like coming in to attack walmart.com."
For SoftLayer's special environment, Charnock protects his core with high-end TippingPoint IPS appliances, but has been frustrated trying to use them efficiently to manually switch coverage on his network segments to meet changing needs. But he believes he's found the solution, piloting TippingPoint's Core Controller, announced today, which manages up to 10 Gbps traffic for IPS boxes.
"I think TippingPoint's timing is good," said Greg Young, an analyst at Stamford, Conn.-based Gartner Inc. "It's less about 10 gig and more about IPS and network cores. It's really more about smarter internal deployment of IPS in internal networks rather than the edge."
Demand for high-performance intrusion prevention is growing, as enterprises consolidate into bigger and bigger data centers to save money and simplify management. Bandwidth hogs like VoIP and video exacerbate the problem.
Rather than build an even bigger, badder IPS appliance, TippingPoint's approach is to manage traffic efficiently among existing appliances, effectively an IPS load-balancer that distributes traffic based on requirements. By getting the most out of their investment, enterprises add IPS as business needs grow.
"This gives us the biggest return on investment. We get flexibility, and maximum utilization out of each device that sits below core controller," said Charnock. He exppects that investment to eventually exceed more than 30 high-end TippingPoint 5000E 5 GBps IPS appliances.
"We've always had to throw more boxes at traffic. I have heartburn buying new boxes when some are used only at 20%," said Charnock. "I'd rather buy 10 more boxes because I know all my boxes are running at 80%."
TippingPoint's beta customers are among our biggest, deploying 10 gigabit switching and routing, said Roark Pollock, TippingPoint director of product marketing.
"They don't necessarily want 10 GB IPS appliances, because the traffic isn't there yet. They get a lower cost at entry and add IPS in a pool, buying more as bandwidth increases," said Pollock.
While TippingPoint's Core Controller is the right approach for some companies, it's not the only good solution for emerging demands of 10 Gb networks. Gartner's Young said dedicated high-performance 10 Gbps appliances, which work well for organizations that have a good handle on their traffic requirements, and blade-based solutions are right for other environments.
"All three approaches are good for different environments. Each have their pros and cons, and it's good to see vendors offering choices" he said. "Controllers have complexity, but offer flexibility; monoliths are simpler but not flexible; blade chassis cost more upfront, but there are potential downstream savings."