Tolly Report Overview

Sponsor:   Internet Security Systems, Inc. (IBM)     View all reports from this sponsor

Title: Internet Security Systems Proventia Intrusion Prevention Appliance G2000 Throughput, Latency and Failover Performance Evaluation

Publication date:   12 April 2005
Document number:    205110


Internet Security Systems Inc. commissioned The Tolly Group to evaluate the performance of its Proventia Intrusion Prevention Appliance G2000, a security appliance designed to monitor all inbound traffic, intercept attack traffic and other security threats and block the attacking stream so it does not reach intended targets. The Proventia G2000 is an eight-port device capable of supporting four monitoring segments with two ports dedicated to each segment. The appliance came with two 10/100/1000 Ethernet management ports and has an advertised throughput of 2 Gbps.

Tolly Group engineers measured the zero-loss Layer 2 bidirectional throughput of the Proventia G2000, as well as the latency of the appliance. In addition, engineers measured the TCP performance in terms of the sustained new connection rate and the maximum simultaneous connections supported. Lastly, Tolly Group engineers evaluated the effectiveness of the Proventia G2000 at thwarting certain Denial of Service (DoS) attacks that otherwise could impact network performance adversely. Tests were conducted in March 2005.

Tests show that the Proventia G2000 is able to deliver network performance on par with typical network switching devices, meaning its presence will not degrade network throughput when it is deployed in an enterprise network. Tests show the Proventia G2000 delivers between 2 Gbps and 5 Gbps of Layer 2, bidirectional, zero-loss throughput (depending on frame size), along with low latency. Moreover the appliance processes TCP connections at rates that are necessary to support scalable enterprise applications and also help repel DoS attacks. Finally, tests show the Proventia G2000 repels DoS, Nimda and Blaster attacks on one network segment without compromising the throughput rate of normal application traffic traversing a second network segment. In essence, good traffic on one network segment remains unaffected by attack traffic that is isolated on a second network segment.

Number of pages: 6      Publication price: $0.00

Register to download   or login

Click on image to download this report

Click Here to search the Tolly archives