Blog

Protecting the Data Center: Key Characteristics and What to Look for in Your DCIPS

February 16, 2018

The threat landscape is evolving and new attacks from various vectors are constantly emerging to exploit enterprises. In the past year, the number of records exposed by data breaches totaled more than 174 million and the average cost of breaches was $3.6 million.

Increasingly, data centers serve as the nerve center of business operations, and ultimately, business success hinges on their resiliency and security. However, enterprise IT infrastructures typically comprise multiple tiers of users, customers and/or partner portals, so protecting them is no small task. Data centers in particular house a mix of databases, in-house applications, third-party applications, and web services, and these function in environments that must constantly adapt as technology advances and new business applications are added.

Data center intrusion prevention systems (DCIPS) are designed to help ensure attacks are not carried out on core assets in the data center. These attacks are either from the Internet or from infected client or server machines within the enterprise intranet. DCIPS typically are subjected to significantly higher traffic levels than are IPS deployed at corporate network perimeter. They sit inline (as a “a bump in the wire”) inside the data center perimeter to provide deep packet inspection and internal network segmentation without introducing the complexity of a routing firewall.

Buyers investigating data center network security products for their use cases and deployment scenarios need clear facts and established benchmarks by which to assess similarly configured DCIPS products. During product evaluation, the following questions should be asked:

  • Is the device ready for IPv6?
  • What server operating systems and applications are to be protected?
  • How resistant is the device to common evasion techniques?
  • What are the device’s performance capabilities, and does it have latency issues?
  • Do vendor performance claims match actual performance?

NSS Labs will soon be releasing the results of its 2018 Data Center Intrusion Prevention System Group Test, which is based on the NSS Labs Data Center Network Security Test Methodology v1.0. The results will reveal the security effectiveness, stability and reliability, and total cost of ownership (TCO) of tested devices as well as performance capabilities and any latency issues for both IPv4 and IPv6.