IntruGuard Products Overview

IntruGuard’s IG200 and IG2000 Network Behavior Analysis (NBA) Systems provide real-time visibility into the Service Provider network with capability to prevent network behavior anomalies including reconnaissance, Distributed Denial of Service (DDoS) attacks. Using custom-designed ASICs, the IG200/2000 inspect traffic at full-duplex line speed (200 Mbps/2000 Mbps) even under full scale attack. It continuously learns traffic patterns and behavior. By dynamically setting thresholds on the broadest range of Layer 3, 4 and 7 parameters, the IG200/2000 detect and block attacks within 2 seconds, requiring no intervention from an administrator. Through a unique continuous learning capability, the IG200/2000 differentiate between gradual build-ups in legitimate traffic and attacks, thereby eliminating false positives.

IntruGard IG200 and IG2000 can stop DDoS botnet attacks such as BlackEnergy, Darkness, voluntary botnet attacks such as LOIC, HOIC and “Slow HTTP” Attacks such as Slowloris, and Pyloris.

IG200/2000’s granular visibility into the network behavior helps in accurately determining an attack’s cause and enables it to allow legitimate traffic through while blocking flood traffic. Source tracking pinpoints the address of a non-spoofed attack and will even contact the offender’s domain administrator.

IG200/2000 instantly block port scans, network scans and dark address scans to prevent outbreak of worms and stealth activity. By preventing header and state anomalies they further help in providing a clean pipe to your network. By providing line-rate granular ACLs, IG200/2000 help protect your routers from getting unwanted traffic in the data center.

By using Virtual Identification, the IG200/2000 can segregate packets from up to eight discretely managed servers, subnets or networks into different zones using IP addresses/masks providing a second level of granular protection to your network.
Intuitive reporting features provide administrators with easy-to-read graphs of network traffic organized by network parameters, including ports and protocols, allowing them to analyze history ranging from the prior 5 minutes to the prior year.

With the protection provided by the IG200/2000, Service Providers and Data Centers can guarantee more uptime for customers and can rest assured that their routers, switches , load-balancers, firewalls and eventually servers will not be overloaded during external, internal or participative attacks.

IntuGuard Product Models

IntruGuard products can be categorized by usage:

• IG200-L for individual web properties or smaller webhosts.
  • Single Power Supply
  • Single Hard Disk
  • 100 Mbps full duplex throughput
• IG200-H for larger web properties
  • Single Power Supply
  • Single Hard Disk
  • 1000 Mbps full duplex throughput
• IG200-U for cost-conscious larger web properties and webhosts
  • Single Power Supply
  • Single Hard Disk
  • 1000 Mbps full duplex throughput
  • Higher Capacity for URLs, User-Agents, Hosts, Referer, Cookies
• IG2000 for mission critical webhosting operations
  • Redundant Power Supply
  • Redundant Hard Disks
  • 1000 Mbps full duplex throughput
• IG2000-U for mission critical webhosting operations, Internet data centers and Internet Service Providers
  • Redundant Power Supply
  • Redundant Hard Disks
  • 1000 Mbps full duplex throughput
  • Higher Capacity for URLs, User-Agents, Hosts, Referer, Cookie

All the products above are supplied with an external Active Bypass Switch that operates independently of the mitigation appliance preventing outage in the event of a critical failure. None of the devices therefore are a single point of failure in the path of the packets. Your service is always connected despite an inline appliance.

Feature and capacity comparison of IntruGuard product models.