Information Security Networks

Network & Perimeter Protection

Network-based Intrusion Prevention (IPS) and advanced analytics

NitroGuard is an intrusion prevention appliance that actively detects, analyzes, and protects the network from an array of security attacks, including viruses, worms, spyware, Denial-of-Service (DoS) attacks, and other forms of malware, as well as unknown or zero-day attacks. Utilizing the power of our patented relational data management engine, NitroGuard identifies and neutralizes threats and detects anomalies — in real time, before they disrupt the network and impact the business.

High Performance. Really High

Innovative Intrusion Prevention from the creators of SNORT® IPS
NitroSecurity created the first Snort-based IPS technology: Snort_Inline, which is widely used today. We've combined that experience with further innovations in IPS, as well in data collection, network flow, and security information analysis technology in order to provide a highly efficient, highly protective IPS. Interested in Snort_Inline? Visit them at Snort_Inline's SourceForge page.

Learn more about our innovations in IPStechnology.

Stop Complex Attacks

NitroGuard IPS can stop detect complex threats and provide the actionable intelligence required to fully investigate security incidents. Using NitroView's Event Correlation capabilities, along with the industry's fastest data management engine, security events, logs and network behavior are analyzed in real-time to detect complex threats. As incidents occur, NitroView is able to notify security analysts in real-time, and provide immediate access to the information required to mitigate and remediate the threat.


Real-time data management engine

NitroEDB is a high-performance relational data management engine that enables many of the advanced features found in NitroGuard and NitroView. The importance of this performance gain can not be overstated: it allows for NitroGuard to operate at high throughput, with a high number of concurrent sessions, while at the same time analyzing flow data for anomalies. It also provides data management performance high enough to support a real-time user interface, where queries and analytics are returned in seconds, even on massive amounts of historical data — and without effecting NitroGuard's ability to continue processing new events.

Purpose-Built Performance

NitroGuard appliances are purpose-built, using high-performance memory, network I/O, and RAID controllers — all tuned to provide the best possible performance and reliability.

Ideal for high-performance networks, NitroGuard supports bandwidths of 250Mbps on the NS-IPS-1200, up to 1.5 Gbps on the NS-IPS-4200. Each IPS uses extensive "out of the box" anomaly rules, yet also allows enterprises to easily change or customize the response to various threats: use analytical capabilities to adjust anomaly rules to real network trends; easily edit rules or add new ones using standard SNORT® syntax; or add NitroView ESM to provide post-event data correlation and processing, including contextual forensics and compliance reporting.

An IPS with a Brain

NitroGuard has brawn, and brains too: each NitroGuard IPS comes with an installable version of NitroView ESM — for device management, event/flow correlation, and analytics "not typically seen in an IPS". Of course, for large networks, NitroView ESM is available as an appliance as well, offering the same performance advantages and reliability as NitroGuard IPS.

Multiple Personalities

NitroGuard is more than a powerful IPS — it's several powerful IPS's in one box. Using Virtual IPS technology, each NitroGuard can simultaneously operate individual IPS rule-sets across multiple physical gigabit Ethernet ports, or even by VLAN. Virtual IPS increases flexibility by applying specific rules to specific areas of the network, and also improves performance through multi-tasking.

Part of Your Edge-to-Core Security Solution

Critical assets require multiple layers of protection. A bank keeps money in a safe, but also locks its doors and monitors the lobby. The same edge-to-core protection is provided by NitroGuard family: Network-based intrustion prevention protects the perimieter and watches what is happening in your network; NitroView DBM monitors your core database applications. Alerts from both systems are managed together by NitroView ESM for correlation and analysis, providing a clear picture of everything that's happening within your infrastructure.

Still the Same NitroGuard that you Love

Our new NitroGuard IPS family supports all of the original features that made NitroGuard a success:

• In-band secure management via an encrypted channel.
• "Stealth-mode" operation, making the IPS invisible to attackers.
• Easy-to-use, intuitive interface using either NitroView ESS for device and SEM functionality, or NitroView ESM for full SIM capabilities.
• A large and continually evolving signature library, complete with advanced behavioral anomaly detection techniques to protect enterprises from new or emerging security risks.
• Reliability with integrated bypass capabilities, redundant power, and a self-healing data engine.

To learn more call us at

1-877-275-1968