Intrusion Detection/Prevention - IBM/McAfee IPS: You Can't Both Be the Fastest Ever - eWeek Security Watch
Security Watch
SHARE
Facebook X Pinterest WhatsApp

IBM/McAfee IPS: You Can’t Both Be the Fastest Ever

Written By
Lisa Vaas
Lisa Vaas
May 24, 2007
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

IBM put out a network IPS on May 22 with inspection rate speeds of 6G bps—what it calls “unsurpassed” performance. McAfee put out an IPS on May 22 that it says is the fastest network intrusion prevention system ever, its 10G-bps IntruShield M-Series platforms.

McAfee’s faster at 10G bps, right? Well, when I asked, IBM said its new Proventia Network IPS GX6116 supports throughput of up to 15G bps (5 gigs over McAfee’s IPS); it’s the packet inspection rate that’s “only” 6G bps.

OK, fair enough. That got McAfee really steamed. McAfee came back with this statement/tome:

  • IBM says it has 15G bps throughput while following it with the fact that you are only getting pre-emptive protection (code name for security) up to 6Gbps. What this means is that from 6G bps to 15G bps the appliance is essentially acting not as a network IPS but as the most expensive Gigabit Optical cable you could buy.
  • IntruShield is the ONLY network IPS in the world to hold the new Multi-Gigabit IPS certification from the NSS Group. You can’t pass this NSS test unless you deliver performance + security and protection with no compromise. McAfee was the only one—out of 12 vendors—to pass this stringent test.
  • IBM’s appliance is pushing traffic through with no real-time proactive intrusion prevention at that level of performance.
  • On PC-based IPS solutions like this (and most of the others out there), increased performance = less security. Once you’re beyond 6Gbps (at most), you’re in the ‘less security’ zone.
  • A 6Gbps IPS solution is a good achievement, however the IntruShield solution is completely different. IntruShield is the only network IPS that is purpose-built from the ground up to do nothing but network IPS. That means that whether you’re deploying our 200M bps appliance or our new 10GigE/10Gbps appliance, you do not get a diminished or compromised level of security at the maximum throughput.
  • IntruShield is not a PC. It’s an ASIC-based purpose-built solution and real-time operating system. It performs deep-packet inspection while parsing more that 120 different protocols, all in real-time. When we say 10Gbps, we mean 10Gbps and 100% security.

Don’t you love marketing? If you’ve deployed an IPS and have thoughts on these performance tug-of-wars, or if your organization is one of those that need “real-time” packet inspection, I’d love to hear your take.

Lisa Vaas
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information