ISS Appliance Blocks Malicious Traffic

Internet Security Systems releases its Proventia G200, the first of its G Series line of intrusion prevention appliances.

LAS VEGAS—Continuing the gradual rollout of its line of security appliances, Internet Security Systems Inc. on Monday will announce the availability of the Proventia G200, the first box from its G Series line to hit the market.

The G Series is ISS entry into the intrusion prevention market, and all of the appliances in this line have the ability to not only detect, but block, malicious inbound traffic. The boxes are capable of operating in three distinct modes: active, passive and simulation.

In active mode, the G Series appliances act as inline devices, inspecting all of the incoming traffic and blocking attacks and malicious code such as Trojans and backdoors. In passive mode, the boxes are not inline and dont perform active blocking. And when set for simulation mode, the appliances sit inline but dont do active blocking.

The idea is to give customers as many deployment choices as possible, ISS officials said. The G200 can sit in front of or behind a firewall and has the capability to learn what traffic to block and what to let go. The default policy on the appliances is based on work done by the companys X-Force research team, and officials say that policy should work for most customers.

"This represents the longest QA cycle that weve ever done," said Tim McCormick, vice president of product strategy at ISS, based in Atlanta. "Were very confident in the default policy on this."

The G200 is the high end of the G Series and is designed to handle a full-duplex 200M-bps network segment, or two half-duplex 100M-bps segments.

The G Series is the second of three distinct lines of appliances to come out of ISS this year. The M Series appliances, launched last month, are the companys all-in-one, Swiss Army knife boxes. The appliances have a blade-based architecture, and customers can choose from among a number of security applications, including VPN, content filtering, anti-virus, spam blocking, firewall and intrusion detection.

As for the G Series, McCormick said ISS is aiming at its traditional customer base of large enterprises and organizations.

"I think some of the same customers that have been working with IDS will be ripe for IPS. Theyre looking for that next layer of protection," he said.

The G200 will sell for $11,995 and is available as of Monday.