One of the key use cases for our customers is the protection of their data center environments, which can involve moving off the perimeter into the data center or segmenting their data center from the rest of the organization. It is imperative that a data center security solution not only deliver high inspection throughput and low latency for the significant traffic demands, but also accurate and effective security that doesn’t introduce false positives or create any network traffic bottlenecks.
“Recommended” DCIPS by NSS Labs
Research from NSS Labs indicates that DCIPS devices are typically deployed to protect data center assets, and most enterprises will tune intrusion prevention system (IPS) modules within their DCIPS. Therefore, during NSS testing, DCIPS products are configured with a tuned policy setting in order to provide readers with relevant security effectiveness and performance dimensions based on their expected usage.
NSS Labs tested five DCIPS vendors and based their evaluations on security effectiveness, performance, stability and reliability, and total cost of ownership (TCO) using their Data Center Network Security Test Methodology v1.0_041717. Given that DCIPS devices are deployed at critical choke points in the network, these devices must be as stable, reliable, fast, and flexible as the network it protects.
The TippingPoint 8400TX is designed for network transparency, and can be deployed seamlessly into the network as a “bump in the wire” device with no IP address or MAC address to immediately filter out malicious and unwanted traffic. For the group test, a stacked configuration of two TippingPoint 8400TX devices were used with a total inspection throughput of 80 Gbps. As we have seen in our internal test results as well as customers environments, the results confirmed the TippingPoint 8400TX’s ability to protect data center environments without impacting network performance. The 8400TX also passed every stability and reliability assessment without triggering any false positives.
On the DCIPS group test results, we blocked 89% of exploits and came in at a rated throughput of 82,076 Mbps for IPv4, which is higher than our claimed performance of 80 Gbps (80,000 Mbps). We also achieved very low latency – testing at 8 microseconds or lower. Total cost of ownership for the TX Series was rated at $6.14 per protected Mbps for IPv4 and $6.67 per protected Mbps for IPv6.
The More, The Merrier
While we conduct our own internal testing on our solutions to make sure they meet our rigorous standards and requirements, we see NSS Labs as a valued resource for those navigating the solution marketplace looking to validate their purchasing decisions. Not only are we recommended in the DCIPS group test, we are also recommended in the 2017 NGIPS Group Test as well as the 2017 Breach Detection System Group Test. Our recommended ratings from NSS Labs across three disciplines offer external validation of the security, performance, and reliability of our network defense solutions.
Powered by XGen™ security, Trend Micro goes beyond next-gen IPS to provide a blend of cross-generational techniques that apply the right technology at the right time to deliver integrated detection and prevention of known, unknown and undisclosed threats. Our smart, optimized, and connected technology achieves faster time to protection, delivers high performance and automated protection, and provides real-time sharing of threat intelligence and centralized threat insights for the most demanding network environments. You can download the full NSS Labs DCIPS test report for the TippingPoint 8400TX here.
To learn more about the TippingPoint 8400TX, visit https://www.trendmicro.com/en_us/business/products/network/integrated-atp/threat-protection-system/tx-series-tps.html
