Nortel Threat Protection System
May 01, 2006
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Flexible and completely customisable for specific network policies.
- Weaknesses: Very difficult to configure and install. Has ineffective documentation.
- Verdict: Sourcefire-based solution that would perform much better as a suite.
The Nortel Threat Protection System runs on a Sourcefire platform, something that surprised us. The product is a flexible system composed of multiple sensors and a management console.
This system is customised with specific policies built by an administrator. While the system is completely customisable, its lack of solid documentation and its complexity could open the door for implementation error.
As with the Sourcefire product (p59), this product is really meant to be deployed as a full suite, and tackling specific IPS functions was tricky.
We found the administrator’s web interface to be confusing and unorganised, and configuring the system became an in-depth exercise of creating policies from the ground up.
The Nortel system also seems to be somewhat unstable under attack. After building policies and configuring the system, we found that it was not very effective at stopping our scans or intrusions. It was one of about half the products we tested that was unable to protect its network against certain types of attack.
The Nortel Threat Protection System comes with multiple printed manuals, each one for a specific part of the configuration or specific device in the system. While extensive, we found that on certain points the manuals did not match up with what we were seeing on the screen, and some of it seemed wordy and unclear.
Nortel offers a support website, but we did find it unorganised. A user must first have an account to access many areas of the site. If the user does not have an account, access is restricted to viewing product documentation and overviews. Nortel also offers free email support, but for all other support a user is required to pay for a service contract.
Priced at £14,250 for the configuration we tested, this system sits right between some of the more expensive systems and some of the less costly ones. We find that, if set up and configured correctly (particularly if deployed as a full suite), this system can be a fairly good investment for larger networks, but given its complexity it might not be as useful for small to medium-size companies.