About the Network IPS appliances

The IBM® Security Network IPS appliances are purpose-built, Layer 2 network security appliances that you can deploy either at the gateway or the network to block intrusion attempts, denial of service (DoS) attacks, malicious code, backdoors, spyware, peer-to-peer applications, and a growing list of threats without requiring extensive network reconfiguration.

Product features

The Network IPS appliances provide the following features to protect your network against threats:

  • Automatic security content updates

    You can automatically activate updated security content and apply that content to Network IPS appliances. Security content with a suggested action "set to block" is certified to be free of false positives.

  • Virtual Patch™ protection

    The IBM Virtual Patch® process automatically updates and applies protection policies to vulnerabilities before exploits are developed.

  • Quarantine capabilities

    Network IPS appliances enable an immediate and reliable quarantine of traffic from infected hosts and network segments, while allowing legitimate traffic to pass unhindered.

  • Inline simulation mode

    Network IPS appliances and systems are the only intrusion prevention products available with an inline simulation mode, giving you the flexibility to actively block or passively monitor threats.

  • High availability (HA)

    Multiple Network IPS appliances that are deployed in an active/active configuration provide the highest redundancy possible while maintaining full session state maintenance between devices.

  • IPv6 network support

    Network IPS appliances support IPv6 networks for many features, including Firewall Rules, Connection Events, and Quarantine Rules.

  • Single-click blocking

    Network IPS appliances can instantly block events from a central location with one click.

  • SNORT

    Network IPS appliances include an integrated SNORT system that processes packets, sends alerts, logs events, and generates quarantine rules in response to traffic that is identified by specific configuration contents and rules.

Management systems and IBM Security Network Intrusion Prevention System (IPS) products

You use the Network IPS Local Management Interface, a local web-based management interface to install updates and adjust configuration settings as needed. You use the SiteProtector™ system to change policies if you are managing multiple intrusion prevention or detection products.

This online help provides the information that you use to complete tasks as you work with the following appliances and systems:
  • IBM Security Network Intrusion Prevention System (IPS) Appliances (GX3000 series and above)
  • IBM Security Network Intrusion Prevention System (IPS) Virtual Appliances