The NitroGuard Intrusion Prevention System (IPS) device is an intelligent packet-filtering system that detects sophisticated network intrusion attempts and actively records and/or stops such attempts. The NitroView Enterprise Security Manager or Enterprise Security System (ESM/ESS) is the central point of administration and configuration. The ESM/ESS allows network administrators to keep all configuration settings, user and access group profiles, and event and flow data in a single location. These two components are part of a full unified security management system. However, we only evaluated the ESM and the NitroGuard Intrusion Prevention System in a standalone deployment. The intrusion prevention appliance actively detects, analyzes and protects the network from an array of security threats, including viruses, worms, spyware, denial-of-service (DoS) attacks, and other forms of malware, as well as unknown or zero-day attacks.
The user interface is one of the more attractive interfaces I have used. There are user-configurable views on the dashboard, and tools, options and a tree-based selector for managed appliances are all within a couple of clicks of where one needs to be. Reporting is strong, with built-in reporting templates available, including compliance reporting. One also has the ability to design custom reports. Also new to this release is a "what if" alert action. As an added benefit, the product is both FIPS and Common Criteria certified.
Support fees were not included, but we did open a ticket to assist in the initial deployment and received a fast response, and the support resource was knowledgeable and helpful.