Signature issue dogs top-notch Top Layer

Product: IPS 5500-1000

www.toplayer.com

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Company: Top Layer Networks

Product: IPS 5500-1000

www.toplayer.com

As a rate-based IPS, Top Layer is clearly top notch. Integrating signature-based IPS into the product was clearly a wise move for Top Layer, but the signature-based IPS capabilities are just not on par with the rate-based IPS — at least at this time.

While Top Layer has a mature product with an excellent management interface, the vendor hasn’t quite filled out the signature-based IPS part of its product to be as full-featured and flexible as the rate-based part. Nevertheless, the IPS 5500-1000 is still an outstanding IPS and would be a powerful security tool in an enterprise arsenal, especially used in front of server farms and other high-volume, static environments. 

The IPS 5500 was among the fastest performers in our tests with one and two port pairs. It delivered essentially line-rate performance in baseline tests with TCP and UDP alike. However, forwarding rates dropped and latency rose when we subjected the system to heavy attack.The IPS 5500 also leaked a small amount of attack traffic, but the vendor attributes that to a misconfiguration on its part in firewall policy.

< Previous: Pricy TippingPoint pushes | Return to main: IPS performance >

Read more about security in Network World's Security section.