This report is available through the Data Center Intrusion Prevention System Category Subscription. All of our subscription options can be viewed here.
Authors: Thomas Skybakmoen, Keith Bormann, Ryan Turner, Matt Chips, Matt Wheeler
Publish Date: October 30, 2018
DCIPS devices monitor and block malicious activities using deep packet inspection and application/user awareness and control capabilities. They handle traffic for potentially hundreds of thousands of users who are accessing large applications and/or computing servers hosted in the data center. DCIPS devices are typically deployed inline behind the data center perimeter (“a bump in the wire”) to inspect network traffic, or they are deployed out-of-band to provide internal network segmentation as well as to monitor and block the lateral movement of threats without introducing the complexity of a routing firewall.
Implementation of DCIPS devices can be a complex process, with multiple factors affecting the overall performance of the device. This Comparative Report provides data on factors affecting a DCIPS ability to perform, including:
- Connection rates
- Real-world traffic scenarios: transactional, multimedia, corporate
- Fortinet FortiGate 3200D v5.4.10 GA Build 7811
- Fortinet FortiGate 6300F v5.4.10 GA Build 4283
- Trend Micro TippingPoint TPS 8400TX v184.108.40.20665
To learn how vendors performed, download a copy of each Test Report. NSS clients can also download the DCIPS Comparative Reports on Security, Security Value Map, and Total Cost of Ownership.
As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodologies Data Center Network Security (DCNS) Test Methodology v2.0, and Evasions Test Methodology v1.2 that were applied is in the public domain to provide transparency and to help enterprises understand the results.