IBM Proventia GX6116
Strengths: High performance, very capable IPS
Weaknesses: The price, unless you can justify this investment in a very large enterprise environment, documentation is disappointing
Verdict: This is a serious IPS appliance meant for seriously large-scale implementations
The Proventia IPS GX6116 could be considered the high-end sports car of IPS appliances. Not only does this device include several protection and analysis features, such as protocol analysis for more than 140 different network and application protocols, heuristics and pattern matching, but it is built for speed. This appliance includes a top-spec network processing unit, as well as eight 64-bit multi-core processors and dual Xeon x86 processors examine traffic across all seven OSI layers. This beast of a box can handle almost any amount of traffic thrown its way and still have resources to spare.
We found this appliance to be surprisingly simple to set up and manage. We did hit a few snags in the setup process, though. Since the Proventia GX6116 is built for massive speed, the ports are all straight gigabit and will not talk to anything less. The other problem we ran into was that the Java interface tends to freeze when implementing a large policy change unless your console PC has a lot of memory. Other than that this appliance is solid. We found the interface to be simple and intuitive along with simple policy configuration.
This device has no trouble with computing performance, but the protection performance sits right about in the middle of what we would expect. On the scanning portions of our tests the appliance caught most of the attacks, and on the penetration attack it blocked everything from getting through.
The getting-started guide is presented in the standard IBM-ISS layout with limited visuals, although it is fairly easy to follow. The text-based user manual details configuration in more depth and describes how to deploy this appliance with SiteProtector, the vendor's centralised management console. We would have liked some more illustrations, especially for deployment options.
IBM-ISS has many comprehensive support plans available on a contract basis. These include various levels of phone technical support, updates and upgrades, training, and many other services.
This product is at the top of the price spectrum. At more than £120,000, this product is a significant investment. Although this device has some very nice features as well as high capability, the price is only justified as part of a large Proventia deployment. This is the ultimate sports car with all the toys, intended for the large enterprise.