As your network, number of end points and reliance on cloud-based systems and applications continues to rise, you Firewall, Intrusion Prevention System (IPS) Malware Sandbox and SIEM need to scale with the increased demand.

Furthermore, as many organisations upgrade private WAN and Internet connection links to cater for the increased demand, the security tools already in place (such as Perimeter Firewall, IPS and Malware Sandboxes) often need to be upgraded to cope with the extra load.

This can mean the procurement of expensive new hardware, often long before the existing solutions have reached their intended terms of use.

What is needed is the ability to retain use of the existing tools, ensuring they remain fit for purpose and deliver value as the demands increase, and just as importantly, do not require more time for updates to be performed manually; and as we all know, the updating of Perimeter Firewall rules can be an extremely arduous, time-consuming and regular exercise.

Further use and return from your existing security environment

With the increased use of bandwidth-hungry applications, security tools run far more efficiently when they only have to monitor and filter legitimate and suspicious traffic. The ability to strip out the traffic that comes from sources already confirmed as being illegal so your existing security layers need not even see it becomes a very attractive, yet simple proposition.

This is where the use of Ixia ThreatARMOR in front of the Perimeter Firewall provides such high value because it automatically prevents the traffic coming from known bad IP addresses from even troubling the Firewall – let alone the security layers behind the Firewall. This frees up the security environment to concentrate purely on the traffic of interest from new and unknown (but sophisticated) cyber threats; also called Zero-Day Attacks and Advanced Persistent Threats.

Furthermore, ThreatARMOR utilises Ixia’s Application Threat Intelligence (ATI) program that constantly monitors the internet to provide real-time information to all ThreatARMOR appliances on new threats, untrusted countries and malicious web sites and as when they emerge. This enables ThreatARMOR to block traffic from the known bad IP addresses (hijacked and unassigned) that are often the source of malware, botnets and phishing attacks.

If an IP address has been hijacked or is unassigned, do you wish to receive communication from it? And do you really want your sophisticated security tools to have to give it the time of day?

Updated with new information every 5 minutes, Ixia’s ATI program is truly Carrier-Grade because it is also used by many of the world’s manufacturers of the networking equipment used in Internet Exchanges and Data Centres to stress test and validate their solutions with real-life traffic and malware.

In addition to this, ThreatARMOR also automatically blocks malware already on the network from communicating back to the source of the crime, in effect, preventing the malware from releasing your critical information to the cyber-attacker.

So, next time you are considering an upgrade of your Firewall, Intrusion Prevention System (IPS), SIEM solution or Malware Sandbox, consider the value of ThreatARMOR; it significantly reduces your network attack surface and then goes on to make your other security solutions more effective performing the core functions for which they were purchased.

And by the way, new bad IP addresses emerge every single day – do you really want to manually update your Firewall rules at the same rate? Or would you prefer ThreatARMOR to automatically update the block list every 5 minutes?

You can learn more about ThreatARMOR here and read here about what happened when we placed a ThreatARMOR appliance in front on our own test network.


You can join the ThreatARMOR conversation on Twitter here.


As a channel-only solution, ThreatArmor is available exclusively from Ixia’s carefully selected channel partners.