IBM ISS Proventia Series Comparison Matrix
Uncompromising Protection for Every Layer of Your Network
Multi-Function Security:
Provides a comprehensive, all-in-one network security solution for even the most complex networks. Also helps organizations maintain government regulations and industry compliance requirements (helps address 10 out of 12 PCI requirements). Unified on an extensible platform, the Proventia MFS comes complete with robust firewall, IPsec or SSL VPN, antivirus, anit-spam web filtering and intrusion prevention security modules.
| Proventia Network Multi-Function Security | ||||||
|---|---|---|---|---|---|---|
| Model: | Mid-Market / Remote Office | Large Gateway | ||||
 |
 |
 |
 |
 |
|
|
| MX0804 | MX1004 | MX3006 | MX4006 | MX5008 | MX5110 | |
| Maximum Recommended Nodes/Users | 50* | 100* | 500* | 1,000* | 2,000* | 3,000* |
| Security Content Updates | Powered by X-Force; Antivirus by Sophos | Powered by X-Force; Antivirus by Sophos | Powered by X-Force; Antivirus by Sophos | Powered by X-Force; Antivirus by Sophos | Powered by X-Force; Antivirus by Sophos | Powered by X-Force; Antivirus by Sophos |
| Form Factor | Desktop Appliance | Desktop Appliance | 1U Appliance | 1U Appliance | 2U Appliance | 2U Appliance |
| Capabilities Summary | ||||||
| Intrusion Prevention | Yes | Yes | Yes | Yes | Yes | Yes |
| Intrusion Detection | Yes | Yes | Yes | Yes | Yes | Yes |
| Antivirus (behavior-based) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) |
| Antivirus (signature-based) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) | Yes (from Sophos) |
| Content Filtering | Yes | Yes | Yes | Yes | Yes | Yes |
| Protected segments | Yes | Yes | Yes | Yes | Yes | Yes |
| Web Application/ Database Protection | Yes | Yes | Yes | Yes | Yes | Yes |
| VoIP Security | Yes | Yes | Yes | Yes | Yes | Yes |
| Spyware Prevention | Yes | Yes | Yes | Yes | Yes | Yes |
| VPN | IPsec and SSL | IPsec and SSL | IPsec and SSL | IPsec and SSL | IPsec and SSL | IPsec and SSL |
| Hardware-Related Specifications | ||||||
| Monitoring or scanning interfaces | 4 x 10/100/1000 Copper | 4 x 10/100/1000 Copper | 6 x 10/100/1000 Copper | 6 x 10/100/1000 Copper | 8 x 10/100/1000 Copper | 10 x 10/100/1000 Copper |
| Inline protected segments | 4 | 4 | 6 | 6 | 8 | 10 |
| Throughput available | 100 Mbps** | 100 Mbps** | 200 Mbps** | 600 Mbps** | 1600 Mbps** | 1800 Mbps** |
| Concurrent sessions (rated maximum) | 101,000 | 101,000 | 120,000 | 120,000 | 150,000 | 150,000 |
| Maximum connection per second | 2,000 | 3,000 | 4,100 | 6,800 | 9,580 | 12,500 |
| High Availability/ Failover | Active/Passive | Active/Passive | Active/Passive | Active/Passive | Active/Passive | Active/Passive |
| Host Protection Featrues | ||||||
| Log Auditing | N/A | N/A | N/A | N/A | N/A | N/A |
| Application Control | N/A | N/A | N/A | N/A | N/A | N/A |
| Buffer Overflow Exploit Protection | Yes for Services exposed to the Network | Yes for Services exposed to the Network | Yes for Services exposed to the Network | Yes for Services exposed to the Network | Yes for Services exposed to the Network | Yes for Services exposed to the Network |
| Supported Operating Systems/Platforms | N/A | N/A | N/A | N/A | N/A | N/A |
| Vulnerability Management Features | ||||||
| Scanning Discovery | N/A | N/A | N/A | N/A | N/A | N/A |
| Asset Classification | N/A | N/A | N/A | N/A | N/A | N/A |
| Vulnerability Assessment | N/A | N/A | N/A | N/A | N/A | N/A |
| Scanning Windows | N/A | N/A | N/A | N/A | N/A | N/A |
| Workflow Solution | N/A | N/A | N/A | N/A | N/A | N/A |
| Results Reporting | N/A | N/A | N/A | N/A | N/A | N/A |
| Mail Security Features | ||||||
| Spam detection rate | >98% | >98% | >98% | >98% | >98% | >98% |
| False positive rate | <.01% (1 in 10,000) | <.01% (1 in 10,000) | <.01% (1 in 10,000) | <.01% (1 in 10,000) | <.01% (1 in 10,000) | <.01% (1 in 10,000) |
| Spam and compliance analysis modules | Yes (20+ Customizable) | Yes (20+ Customizable) | Yes (20+ Customizable) | Yes (20+ Customizable) | Yes (20+ Customizable) | Yes (20+ Customizable) |
| Anti-phishing/Image-based Spam | Yes | Yes | Yes | Yes | Yes | Yes |
| Granular policy control | Yes | Yes | Yes | Yes | Yes | Yes |
| Global/group/user settings | Yes | Yes | Yes | Yes | Yes | Yes |
| End user access | Yes | Yes | Yes | Yes | Yes | Yes |
* See sizing guide for detailed information regarding # of concurrent users and active device modules
** Requires optional external bypass unit for fiber interfaces
Intrusion
Prevention System:
Uses IBM Internet Security Systems Ahead of the threat technology to block intrusion attempts, DoS attacks, malicious code transmission, backdoor activity and hybrid network-based threats.
| Proventia Network Multi-Function Security | |||||
|---|---|---|---|---|---|
| Model: |  |
 |
 |
 |
 |
| GX3002 | GX4 series | GX5 series | GX6116 | IPS for Crossbeam | |
| Typical Deployment | Remote Segments | Remote Segments/Network Perimeter | Network Perimeter/Network Core | Enterprise Core/High-Speed Perimeter connections Carrier Infrastructure | Carrier Infrastructure Enterprise Core/High-Speed Perimeter connections |
| Maximum Recommended Nodes/Users | Unlimited | Unlimited | Unlimited | Unlimited | Unlimited |
| Security Content Updates | Powered by X-Force | Powered by X-Force | Powered by X-Force | Powered by X-Force | Powered by X-Force |
| Form Factor | Desktop Appliance | 1U Appliance | 2U Appliance | 2U Appliance | Crossbeam X40, X45, X80 |
| Capabilities Summary | |||||
| Intrusion Prevention | Yes | Yes | Yes | Yes | Yes |
| Intrusion Detection | Yes | Yes | Yes | Yes | Yes |
| Antivirus (behavior-based) | No | No | No | No | No |
| Antivirus (signature-based) | No | No | No | No | No |
| Content Filtering | No | No | No | No | No |
| Protected segments | No | No | No | No | No |
| Web Application/ Database Protection | Yes | Yes | Yes | Yes | Yes |
| VoIP Security | Yes | Yes | Yes | Yes | Yes |
| Spyware Prevention | Yes | Yes | Yes | Yes | Yes |
| VPN | No | No | No | No | No |
| Hardware-Related Specifications | |||||
| Monitoring or scanning interfaces | 2 x 10/100/1000 Copper | 2 or 4 x 10/100/1000 Copper | 8 x 10/100/1000 Copper or 4 x 10/100/1000 Copper and 4 x 10/100/1000 SFP (TX/SX/LX) 8xSFP/mini-GBIC ports (1,000 TX/SX/LX) | 16 X 1000 SFP (TX/SX/LX) | 8 X 10/100/1000 SFP (TX/SX/LX) per NPM |
| Inline protected segments | 1 | 1 or 2 | 4 | 8 | 4 per NPM |
| Throughput available | 10 Mbps | 200 Mbps | 400 Mbps - 1.2 Gbps | Up to 15 Gbps 6 Gbps inspected |
Up to 3 Gbps per NPM |
| Concurrent sessions (rated maximum) | 200,000 | 1,200,000 | 1,200,000 - 1,450,000 | 4,600,000 | Varies by installation*** |
| Maximum connection per second | 3,750 | 21,000 | 35,000 - 40,000 | 160,000 | Varies by installation*** |
| High Availability/ Failover | Not Available | Not Available | Active/Active Active/Passive |
Active/Active Active/Passive |
Active/Active Active/Passive |
| Host Protection Featrues | |||||
| Log Auditing | N/A | N/A | N/A | N/A | N/A |
| Application Control | N/A | N/A | N/A | N/A | N/A |
| Buffer Overflow Exploit Protection | N/A | N/A | N/A | N/A | N/A |
| Supported Operating Systems/Platforms | N/A | N/A | N/A | N/A | N/A |
| Vulnerability Management Features | |||||
| Scanning Discovery | N/A | N/A | N/A | N/A | N/A |
| Asset Classification | N/A | N/A | N/A | N/A | N/A |
| Vulnerability Assessment | N/A | N/A | N/A | N/A | N/A |
| Scanning Windows | N/A | N/A | N/A | N/A | N/A |
| Workflow Solution | N/A | N/A | N/A | N/A | N/A |
| Results Reporting | N/A | N/A | N/A | N/A | N/A |
| Mail Security Features | |||||
| Spam detection rate | N/A | N/A | N/A | N/A | N/A |
| False positive rate | N/A | N/A | N/A | N/A | N/A |
| Spam and compliance analysis modules | N/A | N/A | N/A | N/A | N/A |
| Anti-phishing/Image-based Spam | N/A | N/A | N/A | N/A | N/A |
| Granular policy control | N/A | N/A | N/A | N/A | N/A |
| Global/group/user settings | N/A | N/A | N/A | N/A | N/A |
| End user access | N/A | N/A | N/A | N/A | N/A |
* See sizing guide for detailed information regarding # of concurrent users and active device modules
** Requires optional external bypass unit for fiber interfaces
*** Determined by the number of blades installed in each implementation
Mail Security System:
Preemptive protection and spam control for your messaging infrastructure.
| Proventia Network Mail Security System | ||
|---|---|---|
| Model: |  |
|
| MS1002-VM | MS3004 | |
| Typical Deployment | Messaging Gateway | Network perimeter |
| Maximum Recommended Nodes/Users | < 1,000 – Scales to hardware | 10,000 |
| Security Content Updates | Powered by X-Force; signature antivirus by Sophos | Powered by X-Force; signature antivirus by Sophos |
| Form Factor | Virtual Appliance | U2 Appliance |
| Capabilities Summary | ||
| Intrusion Prevention | Yes | Yes |
| Intrusion Detection | Yes | Yes |
| Antivirus (behavior-based) | Yes | Yes |
| Antivirus (signature-based) | Yes | Yes |
| Content Filtering | Yes | Yes |
| Protected segments | Yes (see also, Mail Security Fetarues) | Yes (see also, Mail Security Fetarues) |
| Web Application/ Database Protection | No | No |
| VoIP Security | No | No |
| Spyware Prevention | Yes | Yes |
| VPN | No | No |
| Hardware-Related Specifications | ||
| Monitoring or scanning interfaces | Two interfaces | 4 x 10/100/1000 Copper |
| Inline protected segments | Unlimited MX records | Unlimited MX records (10,000 users) |
| Throughput available | Scales to hardware | 36,000 messages/hr |
| Concurrent sessions (rated maximum) | 1024 (default setting) | 1024 (default setting) |
| Maximum connection per second | Scales to hardware | 10 messages/sec* |
| High Availability/ Failover | Not available | Not available |
| Host Protection Featrues | ||
| Log Auditing | N/A | N/A |
| Application Control | N/A | N/A |
| Buffer Overflow Exploit Protection | N/A | N/A |
| Supported Operating Systems/Platforms | N/A | N/A |
| Vulnerability Management Features | ||
| Scanning Discovery | N/A | N/A |
| Asset Classification | N/A | N/A |
| Vulnerability Assessment | N/A | N/A |
| Scanning Windows | N/A | N/A |
| Workflow Solution | N/A | N/A |
| Results Reporting | N/A | N/A |
| Mail Security Features | ||
| Spam detection rate | >98% | >98% |
| False positive rate | <.01% (1 in 10,000) | <.01% (1 in 10,000) |
| Spam and compliance analysis modules | Yes (20+ Customizable) | Yes (20+ Customizable) |
| Anti-phishing/Image-based Spam | Yes | Yes |
| Granular policy control | Yes | Yes |
| Global/group/user settings | Yes | Yes |
| End user access | Yes | Yes |
* Based on real world message flow, containing messages of varying sizes including variants with attachments and/or images
Enterprise Scanner:
Offers vulnerability protection and helps quantify and reduce overall risk to all network components. Appliance or software solutions identify where risk exists, prioritize and assign protection, and report results.
| Proventia Network Enterprise Scanner and IBM Internet Scanner Software | |||
|---|---|---|---|
| Model: |  |
 |
 |
| Enterprise Scanner 750 | Enterprise Scanner 1500 | Internet Scanner | |
| Typical Deployment | Network core/perimeter scanning; external-to-network scanning | Network core/perimeter scanning; external-to-network scanning | Enterprise/SMB; Auditing environments |
| Maximum Recommended Nodes/Users | 3,000 per appliance | 10,000 per appliance | Unlimited |
| Security Content Updates | Powered by X-Force | Powered by X-Force | Powered by X-Force |
| Form Factor | Desktop | 1U appliance | Software |
| Capabilities Summary | |||
| Intrusion Prevention | Scan and block when used with IPS solutions | Scan and block when used with IPS solutions | No |
| Intrusion Detection | No | No | No |
| Antivirus (behavior-based) | No | No | No |
| Antivirus (signature-based) | No | No | No |
| Content Filtering | No | No | No |
| Protected segments | No | No | No |
| Web Application/ Database Protection | No | No | No |
| VoIP Security | No | No | No |
| Spyware Prevention | No | No | No |
| VPN | No | No | No |
| Hardware-Related Specifications | |||
| Monitoring or scanning interfaces | 1 | 5 | Hardware Dependent |
| Inline protected segments | N/A | N/A | N/A |
| Throughput available | 250 assets/hour | 800 assets/hour | Hardware dependent |
| Concurrent sessions (rated maximum) | N/A | N/A | N/A |
| Maximum connection per second | N/A | N/A | N/A |
| High Availability/ Failover | Available | Available | No |
| Capabilities Summary | |||
| Log Auditing | N/A | N/A | N/A |
| Application Control | N/A | N/A | N/A |
| Buffer Overflow Exploit Protection | N/A | N/A | N/A |
| Supported Operating Systems/Platforms | N/A | N/A | N/A |
| Vulnerability Management Features | |||
| Scanning Discovery | Yes | Yes | Yes |
| Asset Classification | Yes | Yes | No |
| Vulnerability Assessment | Yes | Yes | Yes |
| Scanning Windows | Yes | Yes | No |
| Workflow Solution | Yes | Yes | Limited |
| Results Reporting | Yes | Yes | Yes |
| Mail Security Features | |||
| Spam detection rate | N/A | N/A | N/A |
| False positive rate | N/A | N/A | N/A |
| Spam and compliance analysis modules | N/A | N/A | N/A |
| Anti-phishing/Image-based Spam | N/A | N/A | N/A |
| Granular policy control | N/A | N/A | N/A |
| Global/group/user settings | N/A | N/A | N/A |
| End user access | N/A | N/A | N/A |
* Based on real world message flow, containing messages of varying sizes including variants with attachments and/or images
Proventia Network Software:
Combines multi-layered technologies to protect desktops and servers from the growing threat spectrum while enabling them to keep data and applications reliable, available and confidential.
- IBM Proventia Server Intrusion Prevention System
- IBM RealSecure Server Sensor
- IBM Proventia Endpoint Secure Control
| Proventia Network Software | |||
|---|---|---|---|
| Model: |  |
 |
|
| Endpoint Secure Control | RealSecure Server Sensor | Proventia Server | |
| Typical Deployment | Workstations/Laptops | Servers | Servers |
| Maximum Recommended Nodes/Users | Client-based license | Client-based license | Client-based license |
| Security Content Updates | Powered by X-Force; 3rd party anti-virus, DLP & encryption capabilities available | Powered by X-Force | Powered by X-Force |
| Form Factor | Software | Software | Software |
| Capabilities Summary | |||
| Intrusion Prevention | Yes | Yes | Yes |
| Intrusion Detection | Yes | Yes | Yes |
| Antivirus (behavior-based) | Yes | No | No |
| Antivirus (signature-based) | Yes | No | No |
| Content Filtering | Yes | No | No |
| Protected segments | Yes (via 3rd Party Integration) | N/A | N/A |
| Web Application/ Database Protection | Yes | Yes | Yes |
| VoIP Security | Yes | Yes | Yes |
| Spyware Prevention | Yes | Yes | Yes |
| VPN | No | N/A | N/A |
| Hardware-Related Specifications | |||
| Monitoring or scanning interfaces | N/A | N/A | N/A |
| Inline protected segments | N/A | N/A | N/A |
| Throughput available | N/A | N/A | N/A |
| Concurrent sessions (rated maximum) | N/A | N/A | N/A |
| Maximum connection per second | N/A | N/A | N/A |
| High Availability/ Failover | N/A | N/A | N/A |
| Host Protection Featrues | |||
| Log Auditing | N/A | Yes | Yes |
| Application Control | Yes | No | No |
| Buffer Overflow Exploit Protection | Yes | Yes | Yes |
| Supported Operating Systems/Platforms | Windows | Windows, HP-UX, Solaris, AIX, VMware | Windows, Linux, VMware |
| Vulnerability Management Features | |||
| Scanning Discovery | N/A | N/A | N/A |
| Asset Classification | N/A | N/A | N/A |
| Vulnerability Assessment | N/A | N/A | N/A |
| Scanning Windows | N/A | N/A | N/A |
| Workflow Solution | N/A | N/A | N/A |
| Results Reporting | N/A | N/A | N/A |
| Mail Security Features | |||
| Spam detection rate | N/A | N/A | N/A |
| False positive rate | N/A | N/A | N/A |
| Spam and compliance analysis modules | N/A | N/A | N/A |
| Anti-phishing/Image-based Spam | N/A | N/A | N/A |
| Granular policy control | N/A | N/A | N/A |
| Global/group/user settings | N/A | N/A | N/A |
| End user access | N/A | N/A | N/A |