Pakhnyushchyy - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Ixia intros IP address blocking appliance

Ixia is extending its threat intelligence platform with a new appliance that blocks IP addresses.

Ixia rolled out an appliance that uses a combination of IP address blocking and threat intelligence to reduce the amount of time and money enterprises now spend investigating security alerts.

The device, ThreatArmor, integrates with Ixia's Application and Threat Intelligence (ATI) program so that it's continually updated with the most recent data about malicious IPs, hijacked IPs and unassigned or unused IP addresses. By having this type of traffic blocked, enterprises can instead focus their security efforts on more critical threats.

Companies are deluged with security alerts

Companies are inundated with security alerts, particularly as their networks become vulnerable to an ever-growing and more sophisticated number of attacks. Yet many of these alerts aren't fueled by legitimate threats. A Ponemon Institute report published earlier this year said companies spend some 21,000 hours each year dealing with false positive cybersecurity notifications.

This amount of wasted time clogs enterprises' operational efficiency and diminishes their ability to counter legitimate attacks, said Jon Oltsik, senior principal analyst at The Enterprise Security Group, based in Milford, Mass.

"Companies are looking for ways to reduce their overall operations requirements," he said. "ThreatArmor] helps organizations automate blocking of IP addresses with high confidence at scale."

Ixia claims that ThreatArmor's IP address blocking capabilities can eliminate 30% of bad false positives -- traffic from known malware sites, for example, or from specific geographic regions that ordinarily would never send traffic to an enterprise's servers.

"The idea is to shrink the attack surface and get rid of unwanted inbound and outbound traffic," said Scott Register, Ixia's senior director of product management. Register said the appliance automatically updates itself every five minutes to ensure its intelligence data is up to date.

Simple approach touted

The appliance holds every IP address allocated across the Internet and can block, at line-rate speeds, as many addresses as needed. "The beauty of Ixia's appliance is its simplicity," Oltsik said. "It isn't intended to do anything but block rogue IP addresses and provide users with the ability to do so via policies."

Rival next-generation firewalls, which perform many of the same functions, are restricted by the number of policies they can support.

ThreatArmor, aimed at midsize and larger enterprises, is priced at $19,995 plus $2,995 for a one-year subscription to the ATI threat intelligence database. Two models are available, for throughputs of up to 4 Gbps and 40 Gbps, respectively.

Next Steps

Eliminating false positives

Putting threat intelligence to work

Changing face of malware detection


Dig Deeper on Network Security Best Practices and Products

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Is IP address blocking a primary security tool at your organization?
As our Security Team constantly tell us, the major threat are social engineering attacks, and they do a great deal educating the staff. They also block a lot of websites but security doesn't seem to be the main concern.
It not the primary reason. We do use it to increase productivity by blocking a lot of social media and shopping sites. Trying to stay on top of new sites is a day to day problem. Need to keep monitoring network usage and bandwidth.