Is bigger, better?

When it comes to network security and the volume of threats that attack enterprise networks, having more power and throughput can be the differentiator between being safe and becoming a victim. At the RSA security conference currently underway in San Francisco, IBM unveiled its biggest and most robust network security appliance yet.

The IBM Network Intrusion Protection System (IPS) GX7800 has an underlying Linux operating system and provides up to 20 gigabits per second (Gbps) of performance and includes both traditional IPS as well as web application security features.


"This is our highest end device and it's handling things like datacenter consolidation where the pipe is getting bigger and bigger," Marc van Zadfelhoff, director of strategy for IBM security solutions told InternetNews.com.

Van Zadfelhoff noted that the GX7800 benefits from IBM's X-force for an intelligence feed for new and evolving threats and to provide virtual patching.

According to Van Zadfelhoff, the GX7800 leverages the same Network Intrusion Prevention firmware that IBM first announced in July of 2010. At the time, IBM introduces Web Application Firewall (WAF) technology to its IPS system to defend against both network and application layer attacks.

"It's the same system but we've really done the improvements under the covers with speed," Van Zadfelhoff said.

The GX7800 combines Intel-based x86 architecture with IBM designed pre-processing, accelerating the inspection of protocols and applications. The pre-processing, using XLR processors, performs first look inspection and determines which packets need to flow to the multi core x86 architecture. The Protocol Analysis Module (PAM) has also been revised to run in multi-threaded, multi-core architecture.

Van Zadfelhoff does not see the GX7800 as replacing any existing element in the IBM portfolio. Rather he sees the new appliance as likely being a good solution for an enterprise that is putting in new gear to help consolidation or as part of a new datacenter.

The overall market for network security and IPS solutions is a growing one. A report issued in 2010 by Infonetics Research forecast the market to be worth $1.2 billion by 2014. HP's TippingPoint as well as Cisco are both very active in the competitive marketplace for IPS solutions.

"As customers need more speed, we will meet that need and this release is showing that," Van Zadfelhoff said. "What you'll see more of is about how we build in more capabilities for identity management, service levels and applications. There is a lot that we can still build into this device moving forward. "

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.

Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.