Abstract

Enterprise-class networks today are facing more advanced threats from a multitude of sources than ever before. Effective threat protection solutions must defend against real-world threats that are evolving quickly, and at the same time deliver high levels of performance and availability. IBM commissioned Tolly to evaluate their protocol-based IBM Security Network Intrusion Prevention System GX7800 and compare its efficacy to that of a Snort-based device, a signature- based platform.

Tolly engineers conducted many different performance tests with the GX7800 and achieved a maximum of 35.7 Gbps throughput under mixed traffic loads. This demonstrates a great tolerance for network surges, growth and capacity over IBM's published performance characteristics. Tolly also evaluated the GX7800’s efficacy and functionality.

Tests showed the GX7800 to be more effective blocking publicly-available exploits than Snort and dramatically more effective when blocking mutated exploits - blocking 100% compared to 52% for Snort.