Thit b[ phng chng xm nhp mang

IBM Proventia Network Intrusion Prevention System

Thit b[ pht hin v ngn chn xm nhp IBM Proventia Network IPS ngn chn cc tn cng truc khi
chng nh hung ti h thng mang. L h thng trin khai ni tuyn, hoat dng vi tc d thuc ca mang,
Proventia Network IPS ngn chn truc cc cuc tn cng bng cch v hiu ho cc l hng an ninh truc
khi n bj khai thc. Proventia Network IPS cng ngn chn cc dang tn cng nhu tn cng t chi djch vu
(DoS), trojan, cc hoat dng ti file theo kiu ngang hng, backdoor, cc lung http dc hai v cc file dnh km
e-mail m khng gy nh hung dn hoat dng ca mang.
IBM Proventia Network IPS c kh nng cp nht ni
dung nh cc nghin cu dn du v dim yu ca
di ng nghin cu v pht trin an ninh (X-Force)
ca IBM ISS. Trung bnh c 20 ln cp nht ni dung
an ninh trong mt nm.
Tao bo co
IBM Proventia Network IPS c kh nng tao bo co,
phn tch linh hoat theo:
Dang phn tch v tao bo co theo giao din web
Dang d thj
* Hai dng to bo co ny u yu cu c SiteProtector
C th theo di trang thi hoat dng ca thit b[
thng qua:
Thnh phn qun trj tp trung SiteProtector
Giao din web
Gi SNMP trap ti ng dung ca hng th ba
Tnh nng qun tr[ nng cao:
IBM Proventia Network IPS cho php lua chon chnh
sch an ninh cc mc thit bj, cng, VLAN v dja
chi IP mt cch linh hoat.
CC AC IEM NI BAT CA IBM PROVENTIA
NETWORK IPS
Giao din ngui dng
IBM Proventia Network IPS h tro cc kiu giao din
ngui dng: Qun trj thng qua phn mm qun trj
tp trung SiteProtector, Qun trj thng qua giao din
web vi Proventia Manager, thng qua giao din
dng lnh v thng qua Module LCD mt truc
ca thit bj.
Khi duoc qun trj bng SiteProtector: thuc hin
qun l cc chnh sch an ninh, cp nht tp
trung, theo di hoat dng ngui dng v phn
tch cc su kin an ninh mt cch linh hoat.
Vi Proventia Manager - giao din qun trj web-
based: cu hnh thit bj, cu hnh chnh sch an
ninh, theo di cc su kin an ninh trn tng thit
bj ring r
Giao din dng lnh: Thit lp cu hnh ban du
cho thit bj
Module LCD mt truc thit bj: Cu hnh thit
bj, khi dng lai v tt thit bj
Cp nht ni dung an ninh (s dng k thut
Virtual Patch ca IBM ISS)

Cc kiu dp tr tn cng
Khi pht hin c tn cng, IBM Proventia Network IPS s
c cc hnh dng dp tr: Block, Ignore, Log Evidence,
gi Email, Quarantine tn cng, gi SNMP hoc theo
djnh ngha ca ngui dng.
Cc ch d hoat dng:
Passive Monitoring: Gim st giao thng mang
(IDS), khi pht hin c tn cng, thit bj s gi mt
c reset d ngn chn kt ni.
Inline Simulation: Gim st giao thng mang, dua ra
cc cnh bo an ninh nhung khng chn cc tn
cng.
Inline Protection: Ngn chn cc tn cng bng cch
loai b cc gi tin/ gi mt c reset ti kt ni TCP.
H tr cc lut ca tung la
IBM Proventia Network IPS h tro cc lut dua trn s
hiu cng, dua trn dja chi IP hoc dua trn dang gi tin.
Chc nng quarantine
IBM Proventia Network IPS c kh nng tu dng chn
cc giao thng mang bt thung t mt host cu th d
gim nguy co nh hung dn cc host khc.
La chn Trust X-Force
IBM Proventia Network IPS c kh nng tu dng chn
cc nguy co mi dua trn cc khuyn nghj ca di
nghin cu an ninh X-Force.
Tnh sn sng cao
IBM Proventia Network IPS thuc hin dc tnh fail-open
khi mt ngun. c dim ny bo v su gin doan lung
giao thng bnh thung. Tnh nng ny cng duoc s
dung d ngt tam thi Proventia Network IPS ra khi
mang m khng nh hung dn hoat dng bnh thung
ca mang. Proventia Network IPS cn h tro cu hnh
dang Active/Active v Active/Passive.
H tr ton cu
H tro 24/7, bao gm c vic cp nht platform, h tro
k thut.
Kim sot truy cp
IBM Proventia Network IPS hoat dng ging nhu mt
dim kim sot truy cp trong mang bng cch dm bo
cc giao thng mang gia cc my tnh trong mang cng
ty/t chc duoc cc thnh phn pht hin v chng xm
nhp cho my tram bo v.
Nhn bit v bo v VoIP
IBM Proventia Network IPS phn tch v nhn dang cc
giao thc duoc s dung trong VoIP d xc djnh cc tn
cng. Cc giao thc duoc kim tra bao gm: SIP,
MGCP, H.323, H.225, H.245, Q.931, T.120 v SCCP.
Chng spyware
IBM Proventia Network IPS c chc nng chn phn
mm gin dip (spyware). Cng ngh nhn dang mi
duoc tch hop vo trong thit bj c kh nng chn cc
loai spyware d bit v chua bit tai ngay lp mang,
truc khi chng duoc ti xung client. i vi nhng
client d bj nhim spyware, Proventia Network IPS s
ngn chn cc bo co thu thp tin tc ca phn mm
ny bng cch tu dng chn hoat dng truyn d liu
ca n.
Nhn dang cc giao thc bng cc k thut sau:
Chi djnh cng giao thc
K thut tu tm kim
K thut theo vt cng giao thc
S dung dung ngm giao thc
Cc k thut phn tch giao thng mang:
Phn tch giao thc (trn 140 giao thc mang v
ng dung),
Tun th theo quy djnh ca RFC
Tp hop TCP
Tp hop lung
Phn tch thng k
Nhn dang theo mu
Ghi lai cc tn cng
Ghi lai cc gi tin tn cng v c kh nng TCP-dump
nhm thu thp cc thng tin dja chi ngun, cng ca
cc gi tin d.

CC THNG S CO BN CA IBM PROVENTIA NETWORK IPS

GX3002 GX4002 GX4004 GX5008 GX5108 GX5208 GX6116
Typical
deployment
Remote
office
Remote office Network
perimeter
Network
perimeter
Network core Network core Network core
Performance
characteristics

Throughput
10 Mbps 200 Mbps 200 Mbps 400 Mbps 1.2 Gbps 2 Gbps 15 Gbps
Inspected
throughput
10 Mbps 200 Mbps 200 Mbps 400 Mbps 1.2 Gbps 2 Gbps 6 Gbps
Latency
< 1
millisecond
< 150
microseconds
< 150
microseconds
< 200
microseconds
< 200
microseconds
< 200
microseconds
< 150
microseconds
Connections per
second
3,750 21,000 21,000 35,000 40,000 60,000 160,000
Concurrent
sessions (rated
max)
220,000 1,200,000 1,200,000 1,200,000 1,450,000 1,800,000 4,600,000
Physical
characteristics

Form factor
Desktop 1 rack unit 1 rack unit 2 rack units 2 rack units 2 rack units 2 rack units
Dimensions
Height (in/mm)
Width (in/mm)
Depth (in/mm)
Weight (lb/kg)

1.97/50
8.86/225
8.07/205
2.6/1.2

1.75/44
16.9/429
15.5/394
24.5/11.1

1.75/44
16.9/429
15.5/394
24.5/11.1

3.5/88
16.9/429
21.5 /546
37.5/17

3.5/88
16.9/429
21.5 /546
37.5/17

3.5/88
16.9/429
21.5 /546
37.5/17

3.5/88
16.9/429
21.5 /546
37.5/17
Monitoring
interfaces
2x10/100
copper
2x10/100/1,000
copper only
4x10/100/1,000
copper only
8x10/100/1,000
copper or
4x10/100/1,000
copper + 4x
SFP/mini-GBIC
ports (TX/SX/
LX transceivers
supported) or
8x SFP/mini-
GBIC ports
(1,000
TX/SX/LX)
8x10/100/1,000
copper or
4x10/100/1,000
copper + 4x
SFP/mini-GBIC
ports (TX/SX/
LX transceivers
supported) or
8x SFP/mini-
GBIC ports
(1,000
TX/SX/LX)
8x10/100/1,000
copper or 8x
SFP/mini-GBIC
ports (1,000
TX/ SX/LX)
16x
SFP/mini-
GBIC ports
(1,000
TX/SX/LX)
Inline protected
segments
1 network
segment
1 network
segment
2 network
segments
4 network
segments
4 network
segments
4 network
segments
8 network
segments
Redundant power
supplies
No No No Yes Yes Yes Yes
Redundant
storage
No No No Yes Yes Yes Yes

NH PHN PHI TAI VIET NAM

FPT DISTRIBUTION CO.,LTD
Hanoi Office: 3
rd
Floor Viglaceral building,
Hanoi
Tel: (84.4) 37301518
Fax: (84.4) 35537348
E-mail: http://www.fdc.com.vn
Ho Chi Minh Office: 3th Floor, 63 Vo Van Tan
Str, Dist 3, HCMC, VN
Tel: (84.8) 628252525
Fax: (84.8) 39304140
IBM VIETNAM
Hanoi Office: Pacific Plaza, 2nd floor,
83B Ly Thuong Kiet Str., Hanoi
Tel: (84.4) 3946 2021
Fax: (84.4) 3946 0203
Ho Chi Minh Office: 3B/F, Saigon Trade Centre
37 Ton Duc Thang Str., District 1, HCMC
Tel: (84.8) 3520 2099
Fax: (84.8) 3822 5432


GX3002 GX4002 GX4004 GX5008 GX5108 GX5208 GX6116
High availability
Active-
active: no
Active-
passive: yes
Hardware-
level bypass:
integrated
bypass
Active-active:
no
Active-
passive: yes
Hardware-
level bypass:
integrated
bypass
Active-active:
no
Active-passive:
yes
Hardware-level
bypass:
integrated
bypass
Active-active:
yes
Active-passive:
yes
Hardware-level
bypass: external
bypass
(optional)
Active-active:
yes
Active-
passive: yes
Hardware-
level bypass:
external
bypass
(optional)
Active-active:
yes
Active-
passive: yes
Hardware-
level bypass:
external
bypass
(optional)
Active-
active: no
Active-
passive: yes
Hardware-
level bypass:
external
bypass
(optional)
Electrical and
Environment
Parameters

Typical Power
Dissipation (W)
Current (A)
Frequency (Hz)
Input range (V,
AC)

34
1.5
50/60
100 240

200
5 3
50/60
100 240

200
5 3
50/60
100 240

220-404
8 4
50/60
100 240

220-404
8 4
50/60
100 240

220-404
8 4
50/60
100 240

220-404
8 4
50/60
100 240
Safety
certification/
declaration
UL 60950-1
CAN/CSA
C22.2
No. 60950-1
EN 60950-1
(CE Mark)
IEC 60950-1
UL 60950-1
CAN/CSA C22.2
No. 60950-1
EN 60950-1
(CE Mark)
IEC 60950-1
UL 60950-1
CAN/CSA C22.2
No. 60950-1
EN 60950-1
(CE Mark)
IEC 60950-1
UL 60950-1
CAN/CSA C22.2
No. 60950-1
EN 60950-1
(CE Mark)
IEC 60950-1
UL 60950-1
CAN/CSA C22.2
No. 60950-1
EN 60950-1
(CE Mark)
IEC 60950-1
UL 60950-1
CAN/CSA C22.2
No. 60950-1
EN 60950-1
(CE Mark)
IEC 60950-1
UL 60950-1
CAN/CSA
C22.2
No. 60950-1
EN 60950-1
(CE Mark)
IEC 60950-1
Environmental
declaration
RoHS RoHS RoHS RoHS RoHS RoHS RoHS