IBM ISS GX6116 IPS

IBM Proventia Network Intrusion Prevention System (IPS) GX6116 extends Proventia technology’s industry-leading protection farther into the core of your network, where it can help block both external and internal threats before they affect your business. If you’re currently using high-performance applications such as Voice over Internet Protocol (VoIP), you need security solutions that are capable of high throughput, maximum scalability and low latency. And with IBM Proventia IPS GX6116, you can take advantage of these capabilities as well as inspect network traffic at up to 6 Gbps throughput across eight protected network segments—helping to ensure a configurable bounded latency threshold.

To help meet the demanding requirements of the network core, Proventia IPS GX6116 features a custom-built architecture that includes a network processing unit (NPU) specifically designed for high-speed processing of network packets.

Proventia IPS GX6116 delivers security, performance and reliability in one solution that’s easy to deploy and manage.

IPS-GX5008-lg

IBM ISS GX6116 IPS

Throughput: 15 Gbps
Inspected Throughput: 6 Gbps
IBM IPS GX6116 Datasheet
IBM Proventia IPS Datasheet

Data Sheets
Highlights
Benefits
Key Features
Model Specs
Comparison

Data sheets

IBM Proventia Network Intrusion Prevention System (IPS) Datasheet

IBM Proventia Network Intrusion Prevention System GX6116 Datasheet

IBM Proventia Intrusion Prevention System Protection Engine Datasheet

Highlights:

A Raza Microelectronics network processing unit (NPU) specifically designed for high-speed processing of network packets
Eight 64bit multi-core processors and dual XEON® x86 processors examine traffic across all seven OSI layers
High availability options for continuous protection and network availability
Robust hardware redundancy for power supplies and data storage
Vulnerability-based protection to stop threats before they impact business
Proven protection for entire categories of attacks including buffer overflows, worms, spyware, denial-of-service and browser-based attacks

Securing high-speed networks without sacrificing performance
Intrusion prevention systems (IPS) can help enterprises meet compliance requirements and protect valuable business data, but network administrators cannot tolerate the negative impact many traditional security appliances have on the network. The solution enterprises require merges network performance and availability with advanced threat protection.

The Proventia GX6116 offers the best of both worlds — network performance and ahead-of-the-threat protection.

Engineered with today's three network pain points in mind — Performance, Availability and Reliability — the Proventia Network IPS GX6116 is designed to secure the network, maximize uptime and optimize throughput.

The Proventia protection engine employs multiple intrusion prevention technologies working in tandem to monitor, detect or block these classes of network threats:

Application attacks
Attack obfuscation
Cross-site scripting attacks
Data leakage
Database attacks
DoS and DDoS attacks
Drive-by downloads
Insider threats
Instant messaging

Malicious document types
Malicious media files
Malware
Operating system attacks
Peer-to-peer
Protocol tunneling
SQL injection attacks
Web browser attacks
Web server attacks

Blocking network threats and delivering security convergence at the core, perimeter and remote segments
By consolidating network security demands for data loss prevention and protection for Web applications, IBM Proventia Network IPS serves as the security platform that reduces the costs and complexity of deploying and managing point solutions for the network core, perimeter and remote segments.

When evaluating intrusion prevention technology, businesses often struggle to balance and optimize the following six areas:

Performance
Security
Reliability
Deployment
Management
Confidence

Proventia Network IPS delivers on all six counts, with performance, preemptive protection, high availability, simple deployment and management, and excellent customer support. Organizations that want to transfer the burden of protecting their network to a trusted security partner can rely on IBM to manage the Proventia product family. Proventia customers also benefit from a range of complementary consulting services for assessment, design, deployment, management and education.

Consolidating network security with preemptive protection
With its modular product architecture, IBM Proventia Network IPS drives security convergence by adding entirely new modules of protection as threats evolve. From worms to botnets to data security to Web applications, Proventia Network IPS delivers the protection demanded for business continuity, data security and compliance.

The IBM Internet Security Systems X-Force research and development team designed the Proventia IPS protection engine and provide the content updates that maintain ahead of the threat protection. X-Force also designed the protection modules, which include:

Virtual Patch® Management
Threat Detection & Prevention
Data Loss Protection
Web Application Protection
Network Security Enforcement

The IBM Protocol Analysis Modular Technology (PAM) drives security convergence to deliver network protection that goes beyond traditional IPS to now include data security, Web application protection and network policy enforcement.

Monthly security effectiveness testing by NSS Labs
IBM is the first vendor to conduct monthly product testing to measure the security effectiveness across its entire product portfolio. These monthly tests are conducted by NSS Labs, a leading global independent testing lab that focuses on security product testing and certification, through its Security Update Monitor (SUM) program, a recurring monthly test of security effectiveness. IBM Internet Security Systems began measuring the effectiveness of its security products in 2002 to ensure that its strong research and development arm was keeping up with the ever-evolving threat landscape. In late 2008, the company chose to test its entire portfolio of products, from its unified threat management tool to host and network security, for third-party validation across its product portfolio.

Intrusion prevention at every layer
Learn how IBM Proventia Network IPS protects your network from unwanted traffic at every layer.

Perimeter: IBM Proventia Network IPS blocks external threats at your network perimeter, before they affect your business.
Core: IBM Proventia Network IPS delivers high throughput, maximum scalability and low latency to help secure the network core.
Remote and Branch Office: IBM Proventia Network IPS extends IBM ISS' industry-leading intrusion prevention technology to the remote segments of your network.

Features:	Benefits:
User Interface Options	Proventia Management SiteProtector™ Proventia Manager Local command line interface Front Panel LCD Module
Proventia Management SiteProtector	Centralized policy management, updating, and responses User auditing Flexible event analysis
Proventia Manager (Web-Based Local Management Interface)	Device configuration Security policy configuration Security event monitoring
Command Line Interface	Device configuration
Front Panel LCD Module	Device configuration; Restart; Shutdown
Security Content Updates (featuring Virtual Patch™ technology)	Preemptive ahead of the threat coverage powered by X-Force® vulnerability-based research Average updates per year: 20
Reporting	Flexible view-based analysis (optional, requires SiteProtector) Pre-built graphical reporting module (optional, requires SiteProtector)
Device Health Monitoring	Proventia SiteProtector interface Web-based local management interface SNMP trap to third-party system
Granular Management	Policy per device Policy per port Policy per VLAN tag Policy per IP address/range
Proventia Access Control	Acts as an access control point on the network by insuring that computer systems communicating on the corporate network are protected by an up-to-date
Voice over IP (VoIP) Identification and Protection	Parses and analyzes the underlying VoIP family of protocols for attacks. Protocols inspected include: SIP, MGCP, H.323, H.225, H.245, Q.931, T.120 and SCCP
Spyware Prevention	Prevents the installation of spyware modules Prevents the communication of spyware applications to their reporting sites
Protocol Recognition and Identification Techniques	Port assignment Heuristics Port following Protocol tunneling
Traffic Analysis Techniques	Protocol analysis (140+ network and application protocols) RFC compliance TCP reassembly Flow reassembly Statistical analysis Pattern matching
Intrusion Prevention Responses	Block Ignore Log Evidence Email Quarantine SNMP User-Specified
Attack Traffic Logging	Attack packet logging TCP-dump capable
Operating Modes	Active Protection (layer-2 inline blocking mode) Inline Simulation (inline "learning" mode) Passive Detection (non-blocking monitoring only mode)
Custom Signature Support	Yes
Firewall Rules Support	Rules based on: Port, IP Address and/or Packet Type
Quarantine Functionality	Ability to automatically block suspicious traffic from a particular host to reduce the risk of infecting other hosts
Trust X-Force Option	Ability to automatically block new threats based on ISS' X-Force expert recommendations
High Availability/Failover Configurations	Active/Active (2 segments, stateful) Active/Passive Hardware-level bypass capability
World Class Support	24/7 Including platform updates Tech support and advanced exchange
Managed Protection Service Guarantee	When managed by ISS, Proventia Network IPS provides guaranteed protection complete with a warranty if a security breach occurs

Key Features:

Deployed inline and operating at line speeds, Proventia Network IPS blocks intrusions, denial of service attacks, malicious code, backdoors and hybrid threats.

Protection Features:

IBM Proventia Content Analyzer
The IBM Proventia Content Analyzer comprises a collection of new data inspection capabilities designed to inspect and identify unencrypted personally identifiable information (PII) such as name, credit card information, telephone numbers and other potentially confidential information.
Multi-faceted Protection
Proventia's multi-faceted protection engine combines multiple analysis and detection methodologies for optimum accuracy.
Automatic Security Content Updates
Updated security content can be automatically activated and applied to Proventia Network IPS.
Virtual Patch Protection
ISS' Virtual Patch technology allows you to regain control over ad-hoc and emergency patching by shielding vulnerabilities at the network level.
Spyware Installation Blocking
Proventia automatically blocks spyware applications at the network level, preventing installation and download to clients.
Spyware Communication Blocking
For clients already infected with spyware applications, Proventia prevents spyware intelligence reporting by automatically blocking active spyware application communication.
VoIP Security
Proventia parses and analyzes the family of VoIP protocols to identify anomalous traffic. This unique type of analysis allows Proventia to block threats targeting your VoIP services.
Quarantine Capabilities
Proventia enables an immediate and reliable quarantine of traffic from infected hosts and network segments, while allowing legitimate traffic to pass unhindered.
Corporate Network Access Control
The Proventia Network IPS is part of the Proventia Access Control solution to assure that computer systems connecting to the corporate network through a Virtual Private Network, wireless access point, or from another network segment are protected by up-to-date desktop security agents.

Performance Features:

Line-speed Performance
Deployed in-line and operating at inspected throughput up to 6 Gigabits per second, Proventia maintains network performance without requiring network reconfiguration.
In-line Simulation Mode
Proventia is the only intrusion prevention system available with an inline simulation mode, giving you the ability to determine blocking behavior before activating blocking.
Active/Active Stateful High Availability (HA)
In addition to redundant internal components, multiple Proventia appliances deployed in an active/active HA configuration provide the highest redundancy possible while maintaining full session state between devices.
Flexible Deployment Options
Proventia can be deployed at the gateway/perimeter as well as within the core of your high-speed networking infrastructure to secure network assets.
Operating Modes
Proventia is capable of operating in three modes:
- Prevention: inline, active blocking
- Simulation: inline, no blocking
- Monitoring: passive, no blocking

Management Features:

Flexible Policy Management
Proventia supports diverse usage scenarios, allowing policy control at the device, port, VLAN and IP address levels.
Web-based Local Management
Proventia's web-based local management interface (LMI) simplifies device management and monitoring.
Front Panel Management
Proventia's LCD controller on the front of the unit simplifies initial device configuration and allows convenient restart and shutdown options.
SNMP Management
Proventia integrates with 3rd-party network management products to provide key operational status indicators to network operations and security operations groups.
Centralized Management System Integration
Proventia can be centrally managed using the SiteProtector security management system. SiteProtector is a scalable system that allows your staff to control, monitor and analyze events efficiently.

Performance Characteristics
Throughput	15 Gbps
Inspected Throughput	6 Gbps
Operating Modes
Active protection	Yes
Passive detection	Yes
Inline simulation	Yes
Scalability
Protected segments	8
Monitoring interfaces	16 x SFP/mini-GBIC ports (1,000 TX/SX/LX)
High Availability
Active-active	Yes
Active-passive	Yes
Hardware-level bypass	External bypass (optional)
Redundant power supplies	Yes
Redundant storage	Yes
Dimensions
Form Factor	2-RU
Height (in/mm)	3.5/88
Width (in/mm)	16.9/429
Depth (in/mm)	20.5/520
Power Dissipation
Units	AC
Safety and Compliance
Safety Certifications	UL cUL EN 60950-1
Emissions certification	FCC Class A EN 55022 Class A EN 60950-1 EN 61000-3-2 EN 61000-3-3 EN 55024 VCCI Class A
Environmental certification	RoHS

Proventia Network Intrusion Prevention System
Model:	Remote Segments		Perimeter

	GX3002	GX4002	GX4004
Performance Characteristics
Throughput	10 Mbps	200 Mbps	200 Mbps
Latency	< 1 millisecond	< 150 microseconds	< 150 microseconds
Concurrent sessions	220000	1200000	1200000
Connections per second	3750	21000	21000
Operating Modes
Active protection	Yes	Yes	Yes
Passive detection	Yes	Yes	Yes
Inline simulation	Yes	Yes	Yes
Scalability
Protected segments	1	1	2
Monitoring interfaces	2 x 10/100/1000 copper	2 x 10/100/1000 copper	4 x 10/100/1000 copper
High Availability
Active-active	No	No	No
Active-passive	No	Yes	Yes
Hardware-level bypass	Integrated Bypass	Integrated Bypass	Integrated Bypass
Redundant power supplies	No	No	No
Redundant storage	No	No	No
Dimensions
Form Factor	Desktop	1-RU	1-RU
Height (in/mm)	1.97/50	1.73/44	1.73/44
Width (in/mm)	8.86/225	16.9/429	16.9/429
Depth (in/mm)	8.07/205	15/382	15/382
Weight (lb/kg)	2.6/1.2	24.5/11	24.5/11
Power Dissipation
Units	AC	AC	AC
Amps	1.5/1.0	4.96/2.48	4.96/2.48
Voltage (V)	115/220	115/220	115/220
Input range (V)	100-127/200-240	100-127/200-240	100-127/200-240
Environment
Operating Temperature	41°F - 104°F (5°C - 40°C)	50°F - 86°F (10°C - 30°C)	50°F - 86°F (10°C - 30°C)
Non-Operating Temperature	58°F - 184°F (0°C - 70°C)	-4°F - 158°F (-20°C - 70°C)	-4°F - 158°F (-20°C - 70°C)
Relative Humidity (Non-Operating)	90% @ 86°F (30°C)	90% @ 86°F (30°C)	90% @ 86°F (30°C)
Safety and Compliance
Safety Certifications	• UL • EN 60950-1	• UL • EN 60950-1	• UL • EN 60950-1
Emissions certification	• FCC Class B • EN 55022 Class B • EN 55024 • EN 61000-3-2 • EN 61000-3-3 • AS/NZS CISPR 22 • VCCI Class A	• FCC Class A • EN 55022 • EN 55024 • EN 61000-3-2 • EN 61000-3-3 • VCCI Class A	• FCC Class A • EN 55022 • EN 55024 • EN 61000-3-2 • EN 61000-3-3 • VCCI Class A
Environmental certification	RoHS	RoHS	RoHS

Proventia Network Intrusion Prevention System
Model:	Perimeter		Core

	GX5008	GX5108	GX5208	GX6116
Performance Characteristics
Throughput	400 Mbps	1.2 Gbps	2 Gbps	5 Gbps
Latency	< 200 microseconds	< 200 microseconds	< 200 microseconds	TBD
Concurrent sessions	1200000	1450000	1800000	TBD
Connections per second	35000	40000	60000	TBD
Operating Modes
Active protection	Yes	Yes	Yes	Yes
Passive detection	Yes	Yes	Yes	Yes
Inline simulation	Yes	Yes	Yes	Yes
Scalability
Protected segments	4	4	4	8
Monitoring interfaces	8 x 10/100/1000 Copper or 4 x 10/100/1000 Copper + 4 x SFP/Mini-GBIC Ports (1000 TX/SX/LX)	8 x 10/100/1000 Copper or 4 x 10/100/1000 Copper + 4 x SFP/Mini-GBIC Ports (1000 TX/SX/LX)	8 x 10/100/1,000 copper or 8 x SFP/mini- GBIC ports (1,000 TX/SX/LX)	16 x SFP/Mini-GBIC Ports (1000 TX/SX/LX)
High Availability
Active-active	Yes	Yes	Yes	Yes
Active-passive	Yes	Yes	Yes	Yes
Hardware-level bypass	External Bypass (optional)	External Bypass (optional)	External bypass (optional)	External Bypass (optional)
Redundant power supplies	Yes	Yes	Yes	Yes
Redundant storage	Yes	Yes	Yes	Yes
Dimensions
Form Factor	2-RU	2-RU	2-RU	2-RU
Height (in/mm)	3.5/88	3.5/88	3.5/88	3.5/88
Width (in/mm)	16.9/429	16.9/429	16.9/429	16.9/429
Depth (in/mm)	20.5/520	20.5/520	21.5/546	20.5/520
Weight (lb/kg)	40/18	40/18	37.5/17	TBD
Power Dissipation
Units	AC	AC	AC	AC
Amps	8.4/4.2	8.4/4.2	8.9/5.4	TBD
Voltage (V)	115/220	115/220	115/220	TBD
Input range (V)	100-127/200-240	100-127/200-240	100-127/200-240	TBD
Environment
Operating Temperature	50°F - 86°F (10°C - 30°C)	50°F - 86°F (10°C - 30°C)	50°F - 95°F (10°C - 35°C)	TBD
Non-Operating Temperature	-4°F - 158°F (-20°C - 70°C)	-4°F - 158°F (-20°C - 70°C)	-4°F - 158°F (-20°C - 70°C)	TBD
Relative Humidity (Non-Operating)	90% @ 86°F (30°C)	90% @ 86°F (30°C)	20% - 90% RH	TBD
Safety and Compliance
Safety Certifications	• UL • EN 60950-1	• UL • EN 60950-1	• UL 60950-1 • CAN/CSA C22.2 No. 60950-1 • EN 60950-1 (CE Mark) • IEC 60950-1	• UL • EN 60950-1
Emissions certification	• FCC Class A • EN 55011 Class A • EN 55022 Class A • EN 55024 • EN 61000-3-2 • EN 61000-3-3 • EN 6100-6-2 • VCCI Class A	• FCC Class A • EN 55011 Class A • EN 55022 Class A • EN 55024 • EN 61000-3-2 • EN 61000-3-3 • EN 6100-6-2 • VCCI Class A	• FCC Part 15, Class A • Canada ICES-003, Class A • EN 55022 Class A • EN 55024 • EN 61000-3-2 • EN 61000-3-3 • EN 6100-6-2 • VCCI Class A	• FCC Class A • EN 55011 Class A • EN 55022 Class A • EN 55024 • EN 61000-3-2 • EN 61000-3-3 • EN 6100-6-2 • VCCI Class A
Environmental certification	RoHS	RoHS	RoHS	RoHS

IBM ISS GX6116 IPS

IBM ISS GX6116 IPS

Data sheets

Highlights:

Key Features:

Protection Features:

Performance Features:

Management Features:

Free Consultation

Unbeatable Prices

Pro Services

24x7 Tech Support