ISS launches first hardware appliance
Crucial product transition
ISS, the intrusion detection software specialist, has begun selling its first hardware appliances.
The Proventia G Series of intrusion prevention appliances are designed to block denial of service attacks or the spread of worms, such as Blaster, without interfering with legitimate network traffic.
In active mode, Proventia G appliances sit inline and block attacks. In passive mode the products merely record and detect attacks (much like ISS' mainstream IDS software technology). There's also a training (simulation) mode.
The intrusion detection/prevention market is in transition. Conventional Intrusion Detection Systems (electronic burglar alarms) merely detect attacks. This passive approach isn't much good if people aren't checking logs - and worse than useless if false positives are generated.
Mindful of these shortcomings, vendors have introduced a fresh breed of security appliances, dubbed Intrusion Prevention Systems (IPS). These appliances are designed to sit in-line with network traffic and proactively block a limited set of well understood attacks.
ISS has 20 per cent market share of the overall IDS/IDP market and a lead in IDS software, according to Infonetics Research.
ISS has faced increasingly strong opposition from Cisco and Symantec on the software side and a raft of hardware appliance vendors (NetScreen, Top Layer and others) touting either building intrusion prevention technology into firewalls or standalone IPS devices.
Software IDS is becoming a legacy market, so ISS' successful introduction of appliance products is key to its succes in the medium term. The combined IDS/IDP market is predicted to grow 32 per cent per year to reach $1.1 billion in 2006.
ISS' first intrusion prevention appliance in the G Series, the Proventia G200, works up to 200 Mbps and is available now at prices starting from $11,995. Additional models for various bandwidths will be released in the future, including the Proventia G100 available later this year. All products in the series plug into ISS' SiteProtector centralized management system. ®
NetScreen firms firewalls against app attacks
Check Point bolsters apps security defences
When firewalls and intrusion detection just aren't enough
Vendors sharpen tools to thwart DoS attacks
IDS users swamped with false alerts