Data Center Intrusion Prevention SystemS
Enterprises demand a lot of their data centers, which makes their performance and availability paramount. Infrastructure and application architectures are designed to work in concert with each other, thus any incorrectly sized or configured components can disrupt applications for employees or customers. Network security technology is essential in a data center architecture, providing connectivity, and in some cases, traffic inspection or special handling to protect critical assets.
NSS Labs uses the term data center network security (DCNS) to describe devices that provide network security for systems within the data center. There are several device types in this category; the data center intrusion prevention system (DCIPS) and the data center firewall (DCFW) are the most well-known. A third type of device combines the capabilities of the DCFW and DCIPS and is referred to as a data center security gateway (DCSG).
Designed to identify and block attacks against web servers, application servers, and database servers, a DCIPS can provide temporary protection and relief from the immediate need to patch affected systems. The DCIPS must catch sophisticated attacks while producing nearly zero false positives, and it must not significantly degrade network performance or it will never be installed.
What We Tested
NSS Labs’ Data Center Intrusion Prevention System (DCIPS) Group Test evaluates market-leading DCIPS products on their security effectiveness, performance, stability and reliability, and total cost of ownership (TCO). The test provides Comparative Reports and individual Test Reports to help enterprises make informed decisions to evolve and rationalize their cyber risk programs.
· Click here to read the DCNS Test Methodology v2.0.
· Click here to read the NSS Labs Evasions Test Methodology v1.1
· Fortinet FortiGate 3200D v5.4.10 GA Build 7811
· Fortinet FortiGate 6300F v5.4.10 GA Build 4283
· Trend Micro TippingPoint TPS 8400TX v220.127.116.1165