Top Layer Networks' Attack Mitigator IPS 5500 Delivers Superior Real-World Protection and Performance over TippingPoint's UnityOne.WESTBORO, Mass. -- The Tolly Group Verifies that Top Layer's IPS (1) (Inches Per Second) The measurement of the speed of tape passing by a read/write head or paper passing through a pen plotter. (2) (IPS) (Intrusion Prevention S 5500 offers Higher Levels of Protection and Performance For Real-World Networks Top Layer Networks, Inc., provider of widely deployed inline Intrusion Prevention See IPS and IDS. System (IPS), today announced that a Tolly Group test has proved that Top Layer's IPS 5500 offers better protection and performance compared to TippingPoint's (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : TPTI TPTI Third Party Turn In ) UnityOne product. Using test scenarios that mirror real-world customer networks and traffic loads, The Tolly Group validated that Top Layer's Attack Mitigator IPS 5500 offers higher levels of performance without sacrificing protection. Thus, customers can have the utmost confidence in deploying Top Layer's IPS solutions to protect their critical IT assets. "We created tests that were based on real-world network traffic conditions, embedding attacks into legitimate traffic to examine the true effectiveness of the intrusion prevention solutions we were evaluating," said Kevin Tolly, president/CEO of The Tolly Group. "Test results clearly show that Top Layer's Attack Mitigator IPS 5500 performed at levels of both protection and performance that far exceeded those of TippingPoint's UnityOne-2400 IPS product in real-world network environments." Top Layer Provides Superior Protection Against Malicious Content The Tolly Group's results show that Top Layer's IPS 5500-1000 product provides superior protection against Internet worm (networking, security) Internet Worm - The November 1988 worm perpetrated by Robert T. Morris. The worm was a program which took advantage of bugs in the Sun Unix sendmail program, Vax programs, and other security loopholes to distribute itself to over 6000 computers on the attacks while mixed with legitimate HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. transactions. Results of the testing show that the IPS 5500 was able to maintain full connection rates of legitimate traffic, while blocking all worm traffic. TippingPoint's UnityOne-2400 was not only unable to handle typical traffic loads thereby blocking legitimate traffic, but also allowed malicious worm traffic to penetrate the internal network. All it takes is a single worm or other exploit to cripple an entire infrastructure. Only Top Layer was able to pick the malicious "needle" out of the network "haystack." Top Layer Provides the Best Protection Against DDoS Attacks According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. The Tolly Group, in comparison to TippingPoint's UnityOne-2400, Top Layer's IPS-5500-1000 provided the best protection and performance while under SYN Flood attack An assault on a network that prevents a TCP/IP server from servicing other users. It is accomplished by not sending the final acknowledgment to the server's SYN-ACK response (SYNchronize-ACKnowledge) in the handshaking sequence, which causes the server to keep signaling until it . Tests show that the IPS 5500 was able to block high-volumes of SYN Flood attack packets without degrading the performance of the legitimate traffic. By contrast, the UnityOne-2400 blocked good traffic and allowed some SYN Flood A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system.When a client attempts to start a TCP connection to a server, the client and server exchange a series of messages which normally runs traffic to penetrate the internal network. Allowing SYN Flood traffic to penetrate the internal network may cripple the protected assets, rendering them unavailable for normal business use. Top Layer Delivers the Industry's First IPS Solution to Provide 8Gbps of Non-Stop Protection Tolly Group has verified that the Attack Mitigator IPS 5500 ProtectionCluster(TM) provides 8 Gbps of protection in a compact 4U form factor. Top Layer maintains full stateful protection capabilities through its intelligent stateful load sharing Distributing the workload between two or more computers. See load balancing. . More state information provides better protection through a thorough understanding of all flows in a session. Most other solutions aren't capable of employing full-time stateful inspection A firewall technology that ensures that all inbound packets are the result of an outbound request. Also called "stateful packet inspection" (SPI), it was designed to prevent harmful or unrequested packets from entering the computer. . Even worse, when handling asymmetric traffic, other solutions must completely "dumb down dumb down verb A popular term for simplifying language to a less sophisticated–ergo, 'dumb'–audience " their protection to simple packet filtering See packet filter. (IP or MAC address filtering) due to architecture and performance limitations. Competing solutions can provide performance and reliability only by severely exposing an organization's critical assets to potentially devastating dev·as·tate tr.v. dev·as·tat·ed, dev·as·tat·ing, dev·as·tates 1. To lay waste; destroy. 2. To overwhelm; confound; stun: was devastated by the rude remark. attacks. Top Layer Continues to Provide Drop-In Deployment with Microsecond One millionth of a second. See space/time and ohnosecond. (unit) microsecond - One millionth (10^-6) of a second. Latency Throughout the various tests, Top Layer's Attack Mitigator IPS 5500 continuously held a distinct advantage in the area of response times. The IPS 5500 maintains microsecond latency versus millisecond One thousandth of a second. See space/time and ohnosecond. (unit) millisecond - (ms) One thousandth of a second, one thousand microseconds. A long time for a modern computer. latency for TippingPoint's UnityOne. This proves that the IPS 5500-1000 processes data streams more quickly than the UnityOne-2400. Performance without Sacrificing Protection Through real-world testing, the IPS 5500 proves itself as the best solution that can handle today's network performance requirements, while: --Avoiding being a bottleneck by introducing only microsecond latency under load --Blocking malicious traffic, without blocking legitimate traffic --Scaling for additional user and performance requirements "The results of The Tolly Group's rigorous real world testing demonstrate Top Layer's technology leadership. Our superior non-stop protection and performance capabilities are a direct result of Top Layer's second generation TopFire(TM) ASIC (Application Specific Integrated Circuit) Pronounced "a-sick." A chip that is custom designed for a specific application rather than a general-purpose chip such as a microprocessor. and TopInspect(TM) Deep Packet Inspection Analyzing network traffic to discover the type of application that sent the data. In order to prioritize traffic or filter out unwanted data, deep packet inspection can differentiate data, such as video, audio, chat, voice over IP (VoIP), e-mail and Web. Technology," said Mike Paquette, Vice President of Product Marketing and Management at Top Layer Networks. Overview of Tolly Group's Test Environment The test environment used for this IPS evaluation was a departure from previous methodologies where vendors test their products in non real-world test scenarios. Many vendors employ improper methods to improve their perceived capabilities. The Tolly Group's test infrastructure used the following methodologies for performing the various test scenarios: --Used Routers and not just Layer 2 Switches - Some vendors use Layer 2 switches to connect test tools to their IPS. This technique allows the IPS to quickly identify the MAC address of the attacker, and block attacks based on simple MAC address filtering rather than on more advanced IPS capabilities. When forced to test in an environment more typical of routed network topologies, the performance at which the IPS can protect against attacks is usually much lower. --Tested with Real-World Protocols - Most real-world attacks are intertwined with legitimate user traffic. It is much more difficult to pick out malicious traffic hidden amongst legitimate background traffic. A mix of typical protocols (i.e. web file transfer and email) can also affect how well a device's protection policies perform. --Simulated Actual Business Traffic Levels - The challenge for most security devices is to detect and block attacks at real-world user traffic levels. Higher traffic loads reveal the true capabilities of an IPS. Testing procedures and scripts are available upon request. Complete test results are available at both Top Layer's Web site (http://www.toplayer.com/IPS5500TollyTest.jsp) and The Tolly Group's Web site (http://www.tolly.com). About The Tolly Group The Tolly Group, an independent testing and strategic consulting organization based in Boca Raton Boca Raton (bō`kə rətōn`), city (1990 pop. 61,492), Palm Beach co., SE Fla., on the Atlantic; inc. 1925. Boca Raton is a popular resort and retirement community that experienced significant industrial development in the 1970s and 80s. , FL, offers a full range of services designed to furnish both the vendor and end-user communities with authoritative and unbiased information. Additionally, The Tolly Group is recognized worldwide for its expertise in assessing leading-edge technologies. For more information on The Tolly Group's services, visit its Web site at http://www.tolly.com, E-mail info@tolly.com, call (561) 391-5610, or fax (561) 391-5810. About the Attack Mitigator IPS 5500 Top Layer's IPS 5500 offers the best network-level and application-level protection from cyber (1) From "cybernetics," it is a prefix attached to everyday words to add a computer, electronic or online connotation. The term is similar to "virtual," but the latter is used more frequently. See virtual. threats including undesired access, malicious content (viruses, worms, Trojans and other remote exploits), and rate-based attacks (DoS, DDoS and other Flood attacks). Top Layer's IPS 5500 solution has been uniquely designed to defend against not only known threats but also provide protection from newly discovered "zero-day" exploits. Top Layer provides high performance, non-disruptive full content inspection and analysis coupled with intelligent blocking of attacks through TopFire(TM) second-generation ASIC technology and TopInspect(TM) Deep Packet Inspection algorithms. For more information on The Attack Mitigator IPS 5500, please contact sales@TopLayer.com, or call +1 508-870-1300. About Top Layer Networks, Inc. Founded in 1997, Top Layer Networks (http://www.TopLayer.com) develops network security solutions that enable enterprises worldwide to protect their infrastructure and critical online assets from cyber threats. The Company's patented, ASIC-based products are engineered to deliver accurate and reliable protection mechanisms while operating as robust in-line network security devices. Top Layer Networks is headquartered in Westboro, Massachusetts with sales and support presence in Canada, France, Germany, Japan, Korea, the Netherlands and the United Kingdom. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion