Authors: Keith Bormann, Matt Chips, Thomas Skybakmoen, Matt Wheeler and Ryan Turner

Publish Date: October 30, 2018

DCIPS devices monitor and block malicious activities using deep packet inspection and application/user awareness and control capabilities. They handle traffic for potentially hundreds of thousands of users who are accessing large applications and/or computing servers hosted in the data center. DCIPS devices are typically deployed inline behind the data center perimeter (“a bump in the wire”) to inspect network traffic, or they are deployed out-of-band to provide internal network segmentation as well as to monitor and block the lateral movement of threats without introducing the complexity of a routing firewall.

Implementation of DCIPS devices can be a complex process, with multiple factors affecting the overall performance of the device. This Comparative Report provides data on factors affecting a DCIPS ability to perform, including:

  • Throughput
  • Latency
  • Connection rates
  • Real-world traffic scenarios: transactional, multimedia, corporate

Products Evaluated:

  • Fortinet FortiGate 3200D v5.4.10 GA Build 7811
  • Fortinet FortiGate 6300F v5.4.10 GA Build 4283
  • Trend Micro TippingPoint TPS 8400TX v5.1.0.4965

To learn how vendors performed, download a copy of each Test Report. NSS clients can also download the DCIPS Comparative Reports on Security Value Map and Total Cost of Ownership. As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodologies applied are in the public domain to provide transparency and to help enterprises understand the results.