This content is part of the Essential Guide: Security Readers' Choice Awards 2013
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Best of intrusion detection and prevention 2013

Readers vote on the top intrusion detection and prevention products in 2013: Network-based IDS and IPS appliances, attack traffic patterns.

Gold: Juniper Networks IDP Series Intrusion and Prevention Appliances, Juniper Networks Inc.

For the second year running, Juniper Networks IDP Series Intrusion and Prevention Appliances was awarded the gold medal in the intrusion detection/prevention category. The IDP Series again won plaudits from Information Security readers for its ability to effectively and accurately detect, prevent and block attacks and suspicious activity. Readers also noted its reporting and alerting functionality; its integration with other network defense and management tools and the exceptional vendor service and support offered by Juniper.

Juniper's series of appliances makes use of stateful network intrusion detection and prevention techniques to prevent a variety of zero-day attacks, while also minimizing false positives by applying signatures only to the relevant network traffic. The network vendor also claims that its appliances can provide proactive protection against reconnaissance activities, distributed denial-of-service attacks and undisclosed vulnerabilities by establishing rules to detect unexpected traffic patterns.

The appliances are capable of marking packets so that network traffic can be optimized and business-critical applications will have the bandwidth to function. The IDP Series also comes with preconfigured real-time reporting capabilities, which enables each appliance to provide reports without any effort on the part of the IT team.

Expert market reflection on category dynamics:

"Intrusion prevention and detection is increasingly included in next-generation firewalls, putting the standalone IPS market on notice. But attacks still need to be detected and blocked, so regardless of where it runs -- the ability to detect attacks, provide application control, apply contextual awareness, and catch advanced malware will continue to be important for security professionals." 

-- Mike Rothman, president, Securosis

Silver winner:  Fortinet FortiGate, Fortinet Inc.

Information Security readers awarded the silver medal to Fortinet FortiGate, with strong marks given to the appliances for frequent signature updates ,  the ability to respond to new threats, tuning capabilities that reduce false positives, and the strong vendor and service support provided by Fortinet. They also commended FortiGate for accurately detecting, preventing and blocking attacks, and other suspicious activity.

Available in a range of models, Fortinet FortiGate can be utilized as both a NGFW and UTM system. The IPv6-ready product range offers a variety of central command capabilities and strong authentication options to meet compliance regulations.

Bronze winner:  Check Point IPS Software Blade, Check Point Software Technologies Ltd.

Check Point IPS Software Blade takes home the bronze in 2013, with readers highlighting the frequency of signature updates and response to threats. They also gave solid marks to Check Point's IPS for its ability to accurately detect and prevent attacks, as well as its ease of installation and configuration.

According to Check Point, its IPS Software Blade is a best-of-breed product, combining application control, URL filtering and data loss prevention capabilities into a single IPS and next-generation firewall. The product provides protection via one-click activation and firewall throughput as high as 30 Gbps.

This was last published in October 2013

Dig Deeper on Network intrusion detection and prevention (IDS-IPS)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.