"Nitro's ability to meet feature demands, coupled with its super fast NitroEDB data management engine on the back end put it in a unique position among SIEM vendors" — Paul Roberts, Analyst, the 451 Group
NitroGuard is an intrusion prevention appliance that actively detects, analyzes, and protects the network from an array of security attacks, including viruses, worms, spyware, Denial-of-Service (DoS) attacks, and other forms of malware, as well as unknown or zero-day attacks. Utilizing the power of our patented relational data management engine, NitroGuard identifies and neutralizes threats and detects anomalies — in real time, before they disrupt the network and impact the business.
High Performance. Really High
Innovative Intrusion Prevention from the creators of SNORT® IPS
NitroSecurity created the first Snort-based IPS technology: Snort_Inline, which is widely used today. We've combined that experience with further innovations in IPS, as well in data collection, network flow, and security information analysis technology in order to provide a highly efficient, highly protective IPS. Interested in Snort_Inline? Visit them at Snort_Inline's SourceForge page.
NitroGuard IPS can stop detect complex threats and provide the actionable intelligence required to fully investigate security incidents. Using NitroView's Event Correlation capabilities, along with the industry's fastest data management engine, security events, logs and network behavior are analyzed in real-time to detect complex threats. As incidents occur, NitroView is able to notify security analysts in real-time, and provide immediate access to the information required to mitigate and remediate the threat.
Real-time data management engine
NitroEDB is a high-performance relational data management engine that enables many of the advanced features found in NitroGuard and NitroView. The importance of this performance gain can not be overstated: it allows for NitroGuard to operate at high throughput, with a high number of concurrent sessions, while at the same time analyzing flow data for anomalies. It also provides data management performance high enough to support a real-time user interface, where queries and analytics are returned in seconds, even on massive amounts of historical data — and without effecting NitroGuard's ability to continue processing new events.
"Last year during our registration process alone we had between 10 and 20 virus outbreaks. This year, as a result of our NitroSecurity implementation, we have not had a single one and we virtually eliminated illegal file-sharing."
William Souder
Director of Network Operations & Information Security Officer
Berry College
Purpose-Built Performance
NitroGuard appliances are purpose-built, using high-performance memory, network I/O, and RAID controllers — all tuned to provide the best possible performance and reliability.
Ideal for high-performance networks, NitroGuard supports bandwidths of 250Mbps on the NS-IPS-1200, up to 1.5 Gbps on the NS-IPS-4200. Each IPS uses extensive "out of the box" anomaly rules, yet also allows enterprises to easily change or customize the response to various threats: use analytical capabilities to adjust anomaly rules to real network trends; easily edit rules or add new ones using standard SNORT® syntax; or add NitroView ESM to provide post-event data correlation and processing, including contextual forensics and compliance reporting.
An IPS with a Brain
NitroGuard has brawn, and brains too: each NitroGuard IPS comes with an installable version of NitroView ESM — for device management, event/flow correlation, and analytics "not typically seen in an IPS". Of course, for large networks, NitroView ESM is available as an appliance as well, offering the same performance advantages and reliability as NitroGuard IPS.
Multiple Personalities
NitroGuard is more than a powerful IPS — it's several powerful IPS's in one box. Using Virtual IPS technology, each NitroGuard can simultaneously operate individual IPS rule-sets across multiple physical gigabit Ethernet ports, or even by VLAN. Virtual IPS increases flexibility by applying specific rules to specific areas of the network, and also improves performance through multi-tasking.
Still the Same NitroGuard that you Love
Our new NitroGuard IPS family supports all of the original features that made NitroGuard a success:
In-band secure management via an encrypted channel.
Easy-to-use, intuitive interface using either NitroView ESS for device and SEM functionality, or NitroView ESM for full SIM capabilities.
A large and continually evolving signature library, complete with advanced behavioral anomaly detection techniques to protect enterprises from new or emerging security risks.
Reliability with integrated bypass capabilities, redundant power, and a self-healing data engine.
Specifications
NitroGuard IPS Specifications
Select a Model for Specifications [Note: for US Army APL approved models, please visit our government site]
* Typical SIEM reports (queries) will complete in a few seconds, even on very large event stores.
** NitroView ESM 5000 models utilize a raid 10 drive configuration, as well as redundant, dedicated drives for OS storage. The number listed above represents the usable capacity for event, log and flow storage.
*** The maximum number of supported devices per ESM is determined by the receiver model(s) used for collection.
NitroGuard is an intrusion prevention appliance that actively detects, analyzes, and protects the network from an array of security attacks, including viruses, worms, spyware, Denial-of-Service (DoS) attacks, and other forms of malware, as well as unknown or zero-day attacks. Utilizing the power of our patented relational data management engine, NitroGuard identifies and neutralizes threats and detects anomalies — in real time, before they disrupt the network and impact the business.
NitroEDB is a high-performance relational data management engine that enables many of the advanced features found in NitroGuard and NitroView. The importance of this performance gain can not be overstated: it allows for NitroGuard to operate at high throughput, with a high number of concurrent sessions, while at the same time analyzing flow data for anomalies. It also provides data management performance high enough to support a real-time user interface, where queries and analytics are returned in seconds, even on massive amounts of historical data — and without effecting NitroGuard's ability to continue processing new events.
NitroGuard appliances are purpose-built, using high-performance memory, network I/O, and RAID controllers — all tuned to provide the best possible performance and reliability. 
NitroGuard is more than a powerful IPS — it's several powerful IPS's in one box. Using Virtual IPS technology, each NitroGuard can simultaneously operate individual IPS rule-sets across multiple physical gigabit Ethernet ports, or even by VLAN. Virtual IPS increases flexibility by applying specific rules to specific areas of the network, and also improves performance through multi-tasking. 
Log in
