May 7, 2008

Fastest Public Test of a Network IPS

As network traffic continues to grow, so too do the demands on network infrastructures. As a result, multi-gigabit network IPS devices are gaining traction, and providing essential protection in a switched core environment.

Yesterday, NSS Labs released a milestone report on what is the fastest independently verified Network IPS product on the market, to date - the IBM/ISS GX6116. (I say to-date because there are certainly a couple of 10Gig devices that have recently debuted, and we look forward to also testing these). What is notable here is that our tests are not based merely on RFC 2544 (UDP packet blasting), which can inflate a vendor’s performance metrics due to the stateless nature of UDP and typically large packet sizes used. (See our white paper on Pitfalls of Performance Testing). Rather, NSS Labs dedicates a lot of attention to creating real-world multi-protocol test suites across a wide range of use cases.

In our real world tests, we create a complex mix of protocols including HTTP, FTP, SMTP, DNS, etc and pass these through the device under (DUT) test at speeds up to 30 Gbps. This is a live test with deep packet inspection and default or recommended rules turned on. The Proventia GX6116 displayed excellent performance up to 6 Gbps coupled with extremely low latency under all normal traffic conditions.Security effectiveness was also impressive, with excellent coverage above 95% for the most critical vulnerabilities, out of a set of 579 – the largest set of exploits run in any public test.

Read the full report here: