9 Top Intrusion Detection and Prevention Systems

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  

Network intrusions have become the new norm. Phishing attacks are a $5.3 billion industry, and attacks are expected to exceed $9 billion in 2018, according to the FBI. It's up to security tools such as network intrusion detection and prevention systems (IDPS) to spot intruders before they can do serious damage.

The IDPS appliance market contains standalone physical and virtual appliances that inspect defined network traffic, either on-premises or in the cloud. The vendors covered in this report are those that scored well according to Gartner surveys.

Darktrace is included despite not being classified as an IDPS, because its technology has the potential to disrupt the market.

Jump to:

McAfee NSP

The McAfee Network Security Platform (NSP) is a network threat and intrusion prevention solution that protects systems and data wherever they reside, across data centers, the cloud, and hybrid enterprise environments. It can support up to 32 million connections on a single appliance uses intelligence to find and block advanced targeted attacks on the network.

Get an in-depth look at McAfee NSP

Trend Micro TippingPoint

TippingPoint identifies and blocks malicious traffic, prevents lateral movement of malware, ensures network availability and resiliency, and enhances network performance. It can be deployed into the network with no IP or MAC address to immediately filter out malicious and unwanted traffic. Digital Vaccine threat intelligence security filters cover the entire vulnerability footprint, not just specific exploits. The solution offers network traffic inspection throughput up to 120 Gbps.

See our in-depth look at Trend Micro Tipping Point

Hillstone NIPS

The Hillstone Network-based IPS (NIPS) appliance offers intrusion prevention, anti-virus, application control, advanced threat detection, abnormal behavior detection, a cloud sandbox and a cloud-based security management and analytics platform. NIPS operates in-line, performing deep packet inspection, and assembling inspection of all network traffic. It can identify more than 3,000 applications, including mobile and cloud.

See our in-depth look at Hillstone NIPS

Darktrace Enterprise Immune System

The Darktrace Enterprise Immune System is machine learning and AI technology for cyber defense. It iteratively learns a unique "pattern of life" for every device and user on a network, and correlates these insights to spot emerging threats that would otherwise go unnoticed. Darktrace does not consider itself an IPS or IDPS solution, and Gartner agrees that the company does not fit that category. However, the analyst firm named it a vendor to watch in this area of the market.

See our in-depth look at Darktrace Enterprise Immune System


The NSFocus Next-Generation Intrusion Prevention System (NGIPS) provides threat protection that blocks intrusions, prevents breaches, and safeguards assets. It uses a multi-layer approach to identify and address known, zero-day, and advanced persistent threats to protect from malware, worms, spyware, back-door Trojans, data leakage, brute force cracking, protocol attacks, scanning/probing and web threats.

See our in-depth look at NSFocus

H3C SecBlade IPS

The H3C SecBlade IPS is a module for H3C switches and routers. Integrating such functions as intrusion detection, intrusion prevention, virus filtering and bandwidth management, it can perform Layer-4 to Layer-7 in-depth analysis and detection and stop network attacks and abuses such as viruses, worms, Trojan horses, spyware, and webpage tampering in real time, with self-learning capabilities.

See our in-depth look at H3C SecBlade IPS

Huawei NIP

Huawei Network Intelligent Protection (NIP) provides virtual patches, web application protection, client application protection, anti-malware, antivirus, anti-DDoS, and application sensing and control on IPv4 and IPv6 networks. Vulnerability-based detection can prevent against overflow attacks and worm infections.

See our in-depth look at Huawei NIP

Entrust IoTrust Identity and Data Security

Entrust IoTrust Identity and Data Security is a connected ecosystem that is secure by design from device manufacturing through the entire IoT lifecycle. It uses enterprise-grade encryption technologies, and establishes trusted identities for devices across IoT infrastructures.

See our in-depth look at Entrust IoTrust Identify and Data Security

Cisco Firepower NGIPS

Cisco's Next-Generation Intrusion Prevention System comes in software and physical and virtual appliances for small branch offices up to large enterprises, offering throughput of 50 Mbps up to 60 Mbps. NGIPS offers URL-based security intelligence, AMP Threat Grid integration, and is backed by the company's Talos security research team.

See our in-depth look at Cisco Firepower NGIPS

IDPS comparison chart

IDPS comparison chart


Loading Comments...