Transcript XGS - IBM
IBM Security Systems
IBM Security Network IPS models,
End of Support Dates and
Replacement options
©
1 2013 IBM Corporation
© 2012 IBM Corporation
IBM Security Systems
Proventia Network IPS
GX appliances (subsequently referred to as V1)
Block threats before they impact your network
Reclaim network capacity lost to threats or noise
(non-essential traffic: Skype, peer-to-peer, etc.)
Security platform drives convergence
Solutions that scale for every network
Flexible configurations
• Active Blocking (IPS), Passive Alerting (IDS),
• Simulated Blocking
Network
Remote Segments
Core
Model
GX3002
GX4002
GX4004
GX5008
GX5108
GX5208
GX6116
Throughput
10 Mbps
200 Mbps
200 Mbps
400 Mbps
1.2 Gbps
2 Gbps
15 Gbps
Inspected Throughput
10 Mbps
200 Mbps
200 Mbps
400 Mbps
1.2 Gbps
2 Gbps
8 Gbps
1
1
2
4
4
4
8
Protected Segments
2
Perimeter
© 2013 IBM Corporation
IBM Security Systems
IBM Security Network IPS
GX
4
GX-V2 appliances
Block threats before they impact your
organization
GX7800 and GX7412
GX4
GX5
Uncompromising security backed by X-Force®
GX-V2 series of appliances launched Q1 2010
Inspected throughput from 200 Mbps to 20Gbps+
Hardware improvements include:
• Doubled the Performance compared to V1
Protection for up to 8 network segments
• 64 bit processor
Scale from remote offices to the network core
• Increased memory
• Improved motherboard for faster BUS speed
IBM Security Network IPS Models
Remote
Perimeter
Core
NEW
NEW
NEW
NEW
Model
GX4004-200
GX4004
GX5008
GX5108
GX5208
GX7412-5
GX7412-10
GX7412
GX7800
Inspected
Throughput
200 Mbps
800
Mbps
1.5
Gbps
2.5
Gbps
4 Gbps
5 Gbps
10 Gbps
15 Gbps
20
Gbps+
Protected
Segments
2
2
4
4
4
8
8
8
4
No End of Support dates yet for any V2 models
3
3
© 2013 IBM Corporation
IBM Security Systems
IBM IPS Proventia GX (Version 1) – GX Replacement models
Model
Names
Protected
Segments
Chassis
Color
Inspection
Rate
Bypass
GX3002
1
GX4002
End of
Support
Replacement (differences)
Blue
10 Mbps
Built-in
Oct 12, 2015
GX4004C-V2-200 (200 Mbps, 2
Segments)
1
Blue
200 Mbps
Built-in
Jan 26, 2015
GX4004C-V2-200 (200 Mbps, 2
Segments)
GX4004
2
Blue
200 Mbps
Built-in
Jan 26, 2015
GX4004C-V2-200
GX5008
4
Blue
400 Mbps
External
Mar 2, 2105
GX4004C-V2 (800 Mbps, 2 Segments,
Internal Bypass, Copper only)
GX5008SFP-V2 (1.5 Gbps)
GX5108
4
Blue
1.2 Gbps
External
Mar 2, 2015
GX5008SFP-V2 (1.5 Gbps)
GX5208
4
Blue
2.0 Gbps
External
Mar 2, 2015
GX5108SFP-V2 (2.5 Gbps)
GX7412SFP-5 (5 Gbps, 8 Segments,
2-10 Gig or 1 Gig and 6-1 Gig)
GX6116
8
Blue
8 Gbps
External
Sept 30, 2105
GX7412SFP-10 (10 Gbps, 8 Segments,
2-10 Gig or 1 Gig and 6-1 Gig)
All IBM Security IPS appliances are supported for 5 years after the end of sale.
As of Sept 2013, the IBM Security GX-V2 IPS’s have no scheduled EOS dates.
(All IBM Security IPS GX-V2 appliances have BLACK chassis)
4
© 2013 IBM Corporation
IBM Security Systems
IBM IPS Proventia GX (Version 1) – XGS Replacement models
Model
Names
Protected
Segments
Chassis
Color
Inspection
Rate
Bypass
End of Support
Replacement (differences)
GX3002
1
Blue
10 Mbps
Built-in
Oct 12, 2015
XGS 3100
GX4002
1
Blue
200 Mbps
Built-in
Jan 26, 2015
XGS 3100
GX4004
2
Blue
200 Mbps
Built-in
Jan 26, 2015
XGS 3100
GX5008
4
Blue
400 Mbps
External
Mar 2, 2105
XGS 3100
due early Q4
3100 supports 250 or 500Meg, 2 segments Copper w/
bypass, no SSL card, no Modular Interface Bays
due early Q4
3100 supports 250 or 500Meg, 2 segments Copper only
with bypass, no SSL card, no Modular Interface Bays
due early Q4
3100 supports 250 or 500Meg, 2 segments Copper only
with bypass, no SSL card, no Modular Interface Bays
due early Q4
3100 supports 250 or 500Meg, 2 segments Copper only
with bypass, no SSL card, no Modular Interface Bays
or
XGS 4100 due early Q4
4100 supports 500 Meg or 1 Gig, 2 segments Copper w/
bypass , with SSL card and one Modular Interface Bay
GX5108
4
Blue
1.2 Gbps
External
Mar 2, 2015
XGS 5100 now shipping !!!
5100 supports 2, 3.5 or 4 Gig, 2 segments Copper w/
bypass , with SSL card and two Modular Interface Bay
GX5208
4
Blue
2.0 Gbps
External
Mar 2, 2015
XGS 5100 now shipping !!!
5100 supports 2, 3.5 or 4 Gig, 2 segments Copper w/
bypass , with SSL card and two Modular Interface Bay
GX6116
8
Blue
8 Gbps
External
Sept 30, 2105
XGS 5100 now shipping !!!
5100 supports 2, 3.5 or 4 Gig, 2 segments Copper w/
bypass , with SSL card and two Modular Interface Bay
XGS 7100 due mid 2104 ~ 20 Gig/sec
5
All IBM Security IPS appliances are supported for 5 years after the end of sale.
As of Sept 2013, the IBM Security GX-V2 IPS’s have no scheduled EOS dates.
(All IBM Security IPS GX-V2 appliances have BLACK chassis)
© 2013 IBM Corporation
IBM Security Systems
XGS 5100 now Shipping !!!
Modular Appliance Hardware Platform *NEW
New 1U appliance form factor
2 Modular Bays
Pluggable network interface modules (2 Modular Bays)
Three Performance Levels
Up to 5.0 Gig/Sec, including 10 Gig/Sec Interfaces
SSL Inspection *NEW
Provides visibility into attacks over encrypted channels
Transparent Man-In-The-Middle implementation
Hardware accelerated via on-board Cavium card
6
© 2013 IBM Corporation
IBM Security Systems
XGS 5100 Modular Network Interfaces
Two modules with seven different options each
allow the XGS 5100 to meet current and future connectivity needs
8-port RJ-45 copper
w/ built-bypass
2-port 10GbE (LR)
w/ built-bypass
4-port Fixed fiber (SX)
w/ built-bypass
4-port SFP
(requires transceivers)
4-port Fixed fiber (LX)
w/ built-bypass
2-port 10GbE SFP+
(requires transceivers)
2-port 10GbE (SR)
w/ built-bypass
7
© 2013 IBM Corporation
IBM Security Systems
Pricing Flexibility of the new XGS
Pricing Model for XGS 5100
1)
2)
2)
4)
8
(Select One)
8 port RJ-45 w/bypass
(Select as many as
desired)
Options
Interface Modules
Base Unit XGS 5100 Appliance Chassis
4 port fixed fiber (SX) w/bypass
4 port fixed fiber (LX) w/bypass
2 port 10GbE (SR) w/bypass
2 port 10GbE (LR) w/bypass
4 port SFP w/o bypass
2 port 10GbE SFP w/o bypass
XGS 5100 Performance Level Upgrades to go from 2.5 to 4.0 to 5.5
SSL Licensing (not term Licensing)
Application/Web Control Fixed Term License (S&S not applicable)
IP Reputation (S&S not applicable)
The Base model includes 4 Ethernet ports (2 IPS Segments) with fail-open bypass.
Add any additional optional Interface Modules , up to 2
Add any Options, up to 2 Performance Upgrades, SSL Inspection, IP Reputation, and App Control
If SFP Interfaces are ordered, then SFP Transceivers Kits need to ordered (not included)
© 2013 IBM Corporation
Not Public -- NDA required
IBM Security Systems
XGS 4100
Modular Appliance Hardware Platform
1 Modular Bay
New 1U appliance form factor
Pluggable network interface modules (1 Modular Bay)
Two Performance Levels
500 Meg/sec or 1 Gig/Sec Protection, including optional 10 Gig/Sec Interfaces
SSL Inspection *NEW
Provides visibility into attacks over encrypted channels
Transparent Man-In-The-Middle implementation
Hardware accelerated via on-board Cavium card
9
© 2013 IBM Corporation
Not Public -- NDA required
IBM Security Systems
XGS 3100
Modular Appliance Hardware Platform *coming soon
No Modular Bays
New 1U appliance form factor
Two Performance Levels
250 Meg/Sec or 500 Meg/Sec Copper Ethernet only, built in bypass
0 Modular Interface bays
No SSL Accelerator card
10
© 2013 IBM Corporation
IBM Security Systems
The XGS offers next-generation solutions to address today’s
security headaches
Network IPS
(GX Series)
Network Protection
(XGS Series)
Protocol-based intrusion protection
Web application protection
Virtual Patch
SSL visibility
-
Granular visibility/control of over 20B URLs
-
Granular visibility/control of over 2,100 application actions
-
IP reputation
-
(GX4 and GX5 only)
10GB network interfaces
(GX7 only)
On-Appliance network bypass
(GX4 only)
Pluggable/swappable network interfaces
-
Flexible performance licensing
-
Advanced Threat Protection
Network Visibility & Control
Seamless Deployment & Integration
SiteProtector central management
Advanced QRadar integration
11
© 2013 IBM Corporation
IBM Security Systems
GX To Comparison
12
© 2013 IBM Corporation