Network World
Wednesday, January 7, 2009
DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Jamey Heary: Cisco Security Expert

Cisco Subnet
NetworkWorld.com > Community > Jamey Heary: Cisco Security Expert

Navigation

Cisco Releases New 4Gbps IPS 4270 Appliance

By jheary on Wed, 12/05/2007 - 9:29am.

Cisco has finally entering the high speed IPS market segment! Cisco’s is shipping the IPS 4270 IPS Appliance which can deliver up to 4Gbps of real-world media-rich traffic inspection. Cisco is proud of the fact that this benchmark number was achieved with the Cisco recommended IPS protection settings enabled on the 4270. They used real-world, stateful traffic flows in their testing. Cisco has not released the best case, pie in the sky, UDP performance numbers of the 4270 yet. But it has released expected real-world performance numbers if you deploy the 4270 in a highly transactional environment like e-commerce or IP Voice. This type of environment will drop performance down to 2Gbps of IPS inspection.

The IPS 4270 runs on the same software as the other Cisco IPS appliances in the product line. So no learning curve for those that are already familiar with it. Just like all of the other IPS Appliances the 4270 can be scaled using ether-channel technology. For details on how to architect Cisco IPS to inspect your 10 Gig links see my previous post on the topic here http://www.networkworld.com/community/node/18384 .
Ether-channel load-balancing allows for up to (8) 4270’s to be load-balanced together.

The 4270 is capable of running in both IPS and IDS mode simultaneously. The mode is configured on a per interface basis allowing for maximum deployment flexibility.

Here are some of the tech specs:

  • Supports up to 16 IPS sensing interfaces
  • Supports 1000’s of logical virtual LAN(VLAN) interfaces
  • 2 built-in gigabit Ethernet port
  • 6 usable expansion slots available
  • 2 port 1000BASE-SX gigabit Ethernet fiber module available
  • 4 port 10/100/1000BASE-T Ethernet module available
  • Support for both hardware and software bypass mechanisms in case of a failure
  • Redundant, hot swappable power supplies
  • Diskless architecture utilizing compact flash for improved reliability
  • 4RU chassis


List pricing for the 4270 with 4 10/100/1000baseT sensing interfaces and 1 ethernet management interface (IPS4270-4GE-K9) is $89,995.00.

For some additional information see here:

http://www.cisco.com/en/US/products/ps9157/index.html

http://www.ciscosystems.or.at/en/US/products/hw/vpndevc/ps4077/products_installation_guide_chapter09186a00808c28de.html .

Permalink
Tags:

About Jamey Heary

Jamey Heary, CCIE No. 7680, is a security consulting systems engineer at Cisco. He leads its Western Security Asset team and is a field advisor for Cisco's global security virtual team. Jamey is the author of the recently published Cisco NAC Appliance: Enforcing Host Security with Clean Access. His areas of expertise include network and host security design and implementation, security regulatory compliance, and routing and switching. His other certifications include CISSP, CCSP, and Microsoft MCSE. He is also a Certified HIPAA Security Professional. Jamey has been working in the IT field for 14 years and in IT security for 9 years.

Contact him.

RSS feed XML feed

Jamey Heary archive.

Cisco Subnet

RSS feed Cisco news RSS feed

The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.

Advertisement: