Professional Documents
Culture Documents
ISS Pocket Guide
ISS Pocket Guide
SiteProtectorTM System
IBM Proventia
IBM Proventia
IBM Proventia
Multi-Function Security
IBM Proventia
Server Intrusion
Prevention System
IBM RealSecure
Server Sensor
IBM Proventia Endpoint Secure Control
Uses IBM Internet Security Systems Ahead of the threat technology to block intrusion attempts, DoS attacks, malicious code transmission, backdoor activity and hybrid network-based threats.
Provides a comprehensive, all-in-one network security solution for even the most complex networks. Also helps organizations maintain government
regulations and industry compliance requirements (helps address 10 out of 12 PCI requirements). Unified on an extensible platform, the Proventia MFS
comes complete with robust firewall, IPsec or SSL VPN, antivirus, anit-spam web filtering and intrusion prevention security modules.
Offers vulnerability protection and helps quantify and reduce overall risk to all
network components. Appliance or software solutions identify where risk exists,
prioritize and assign protection, and report results.
IBM RealSecure
Server Sensor
Workstations/Laptops
Servers
Servers
Remote Segments
Remote Segments/
Network Perimeter
Network Perimeter/
Network Core
Enterprise Core/High-Speed
Perimeter connections
Carrier Infrastructure
Unlimited
Unlimited
Unlimited
Unlimited
Unlimited
Powered by X-Force
Powered by X-Force
Powered by X-Force
Powered by X-Force
Powered by X-Force
Desktop
1U appliance
2U appliance
2U appliance
Desktop Appliance
Desktop Appliance
1U Appliance
1U Appliance
2U Appliance
2U Appliance
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
Yes
No
No
No
Yes
No
No
No
Yes
No
No
No
Yes
No
No
No
Yes
Yes (from Sophos)
Yes (from Sophos)
Yes
Yes
Yes (from Sophos)
Yes (from Sophos)
Yes
Yes
Yes (from Sophos)
Yes (from Sophos)
Yes
Yes
Yes (from Sophos)
Yes (from Sophos)
Yes
Yes
Yes (from Sophos)
Yes (from Sophos)
Yes
Yes
Yes (from Sophos)
Yes (from Sophos)
Yes
TYPICAL DEPLOYMENT
MAXIMUM RECOMMENDED
NODES/USERS
SECURITY CONTENT UPDATES
FORM FACTOR
CAPABILITIES SUMMARY
Intrusion Prevention
Intrusion Detection
Antivirus (behavior-based)
Antivirus (signature-based)
Content Filtering
Antispam
Web Application/Database Protection
VoIP Security
Spyware Prevention
VPN
HARDWARE-RELATED
SPECIFICATIONS
Monitoring or
scanning interfaces
Inline protected
segments
Throughput available
Concurrent sessions
(rated maximum)
Maximum connection
per second
High Availability/Failover
HOST PROTECTION FEATURES
Log Auditing
Application Control
Buffer Overflow
Exploit Protection
Supported Operating
Systems/Platforms
VULNERABILITY
MANAGEMENT FEATURES
Scanning Discovery
Asset Classification
Vulnerability Assessment
Scanning Windows
Workflow Solution
Results Reporting
IBM ADVANTAGE
MODEL
Proventia MFS MX0804 Proventia MFS MX1004 Proventia MFS MX3006 Proventia MFS MX4006 Proventia MFS MX5008 Proventia MFS MX5110
Mid-Market/
Remote Office
Mid-Market/
Remote Office
Mid-Market/
Branch Office
Mid-Market/
Branch Office
Large Gateway
Large Gateway
50*
100*
500*
1,000*
2,000*
3,000*
Powered by X-Force; Powered by X-Force; Powered by X-Force; Powered by X-Force; Powered by X-Force; Powered by X-Force;
Antivirus by Sophos Antivirus by Sophos Antivirus by Sophos Antivirus by Sophos Antivirus by Sophos Antivirus by Sophos
Unlimited
Powered by X-Force
Powered by X-Force
Powered by X-Force
Desktop
1U appliance
Software
No
No
No
No
No
Messaging Gateway
Network perimeter
Client-based
Client-based
license
license
Powered by X-Force;
Powered by X-Force; signature Powered by X-Force; signature
3rd party anti-virus, DLP & Powered by X-Force
antivirus by Sophos
antivirus by Sophos
encryption capabilities avail.
Software
Virtual appliance
2U appliance
Software
< 1,000 Scales to hardware
Yes
10,000
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
(see also, Mail Security Features) (see also, Mail Security Features) (via 3rd Party Integration)
No
No
Yes
No
No
Yes
Yes
Yes
Yes
No
No
No
No
No
No
No
No
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
Yes
Yes
Yes
No
Yes
Yes
Yes
No
Yes
Yes
Yes
No
Yes
Yes
Yes
No
Yes
Yes
Yes
No
Yes
Yes
Yes
IPsec and SSL
Yes
Yes
Yes
IPsec and SSL
Yes
Yes
Yes
IPsec and SSL
Yes
Yes
Yes
IPsec and SSL
Yes
Yes
Yes
IPsec and SSL
Yes
Yes
Yes
IPsec and SSL
No
No
No
No
No
No
No
No
No
No
No
No
2 x 10/100/1000
Copper
2 or 4
x 10/100/1000 Copper
8 x 10/100/1000 Copper or
4 x 10/100/1000 Copper and
4x10/100/1000 SFP (TX/SX/LX)
8xSFP/mini-GBIC ports (1,000 TX/SX/LX)
4 x 10/100/1000
Copper
4 x 10/100/1000
Copper
6 x 10/100
Copper
6 x 10/100/1000
Copper
8 x 10/100/1000
Copper
10 x 10/100/1000
Copper
Hardware dependent
Two interfaces
4 x 10/100/1000 Copper
1 or 2
4 per NPM
10
n/a
n/a
n/a
Unlimited MX records
100 Mbps**
100 Mbps**
200 Mbps**
600 Mbps**
1600 Mbps**
1800 Mbps**
250 assets/hour
800 assets/hour
Hardware dependent
Client-based
license
Powered by X-Force
Software
Yes
Yes
Yes
No
No
No
Yes
No
No
No
n/a
n/a
Yes
Yes
Yes
n/a
Yes
Yes
Yes
n/a
n/a
n/a
n/a
Unlimited MX records
(10,000 users)
n/a
n/a
n/a
Scales to hardware
36,000 messages/hr
n/a
n/a
n/a
10 Mbps
200 Mbps
Up to 15 Gbps
6 Gbps inspected
200,000
1,200,000
1,200,000 - 1,450,000
4,600,000
Varies by installation****
101,000
101,000
120,000
120,000
150,000
150,000
n/a
n/a
n/a
n/a
n/a
n/a
3,750
21,000
35,000 - 40,000
160,000
Varies by installation****
2,000
3,000
4,100
6,800
9,580
12,500
n/a
n/a
n/a
Scales to hardware
10 messages/sec***
n/a
n/a
n/a
Not Available
Not Available
Active/Active
Active/Passive
Active/Active
Active/Passive
Active/Active
Active/Passive
Active/Passive
Active/Passive
Active/Passive
Active/Passive
Active/Passive
Active/Passive
Available
Available
No
Not available
Available
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
Yes
Yes
No
Yes
No
n/a
n/a
n/a
n/a
n/a
No
n/a
n/a
n/a
n/a
Yes
Yes
Yes
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
Windows
Windows, HP-UX,
Solaris, AIX, VMware
Windows, Linux,
VMware
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Yes
No
Limited
Yes
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
>98%
< .01% (1 in 10,000)
Yes
(20+, customizable)
n/a
n/a
n/a
>98%
< .01% (1 in 10,000)
Yes
(20+, customizable)
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
Yes
Yes
Yes
Yes
Yes
Yes
n/a
n/a
n/a
Yes
Yes
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
Yes
Yes
Yes
Yes
Yes
Yes
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
* See sizing guide for detailed information regarding # of concurrent users and active device modules
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
n/a
Yes for Services
Yes for Services
Yes for Services
Yes for Services
Yes for Services
Yes for Services
exposed to the Network exposed to the Network exposed to the Network exposed to the Network exposed to the Network exposed to the Network
>98%
>98%
>98%
>98%
>98%
>98%
< .01% (1 in 10,000) < .01% (1 in 10,000) < .01% (1 in 10,000) < .01% (1 in 10,000) < .01% (1 in 10,000) < .01% (1 in 10,000)
Yes
Yes
Yes
Yes
Yes
Yes
(20+ Customizable) (20+ Customizable) (20+ Customizable) (20+ Customizable) (20+ Customizable) (20+ Customizable)
*** Based on real world message flow, containing messages of varying sizes including variants with attachments and/or images
SEH03001-USEN-00