June 30, 2005
Internet Security SystemsProduct:
- Ease of Use:
- Value for Money:
- Overall Rating:
Excellent policy management with SiteProtector.
Quite simplistic high-availability modes.
One of the best policy editors on the market, and only the high-availability tools let the side down a little.
The Proventia G400 might look like a standard rack-mount Intel-based server, but it's a lot more than that. The hardware was specifically chosen, drivers written for it and a network agent pre-installed. As a result, it can cope with up to 400Mbps of throughput and monitor up to four network segments using its four copper and four fiber Gigabit Ethernet ports.
The appliance can be installed in three modes – active, passive and simulation. These let you measure a network baseline before putting it into active mode to block threats and anomalous data. While a high-availability mode is available (active-active only), in the event of a hardware failure all packets are forwarded (fiber connections require an external box) even if there is no power to the appliance, so normal network services are not affected.
Management can be done via a web browser interface for local settings, but the bulk of control is handled through the SiteProtector Management Console connected directly to the management port.
SiteProtector is an excellent application that makes it easy to manage a large range of IPS sensors. It was one of the easiest products on test to deploy, and as with other products on test, control of each sensor is through policies that define the type of traffic the sensor is to look out for and the reaction it should have.
The Proventia supports a wide range of detection methods and can scan more than 100 protocols. It can detect malicious code, trojans and DoS attacks.
Most of the system's detection capabilities require attack signatures, which are updated automatically via the management console and distributed to all sensors on the network, so it is easy to keep up to date with the current threats.
Reporting is top-notch and goes far beyond the more simplistic tools offered by many companies. The reporting and monitoring tools enable you to automatically configure protection for newly discovered threats, while reducing the number of false positives.
Perhaps the best thing about SiteProtector is that it's included as part of the cost of the sensor, so there's no hidden costs.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- Same fate befalls Post Office broadband as hit DT?
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Former Expedia IT employee admits to hacking execs from the inside
- Cyber-insurance: What will you be able to claim for and is it worth it?
- Levelling the playing field against targeted attacks
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime
- IoTSF conference: EU should become de facto regulator