The distinct advantages of the iPolicy Networks solution are support for security domains, exceptional performance, and centralized management. With iPolicy Networks, security services can be defined on a customer basis by assigning them a Security Domain which is a virtual Intrusion Prevention Firewall that can be independently managed and configured.

A single physical Intrusion Prevention Firewall can support thousands of Security Domains –i.e. thousands of unique customers- concurrently. Adding a new customer is a software-based provisioning task that requires no new hardware deployment. Furthermore, a Security Domain may execute across distributed physical Intrusion Prevention Firewalls. For example, a customer with three geographical locations may link to his carrier through a POP close to each location. Security will be enforced at each POP by a physical Intrusion Prevention Firewall yet the customer’s security is still managed as a single Security Domain.

Carriers interested in delivering high-value custom managed security services to companies with sophisticated security needs value the flexibility of iPolicy Networks’ solution. Security functions such as firewall, IDS/IPS, URL screening, etc. can be individually enabled and policies can be individually tailored for each customer by assigning them a unique Security Domain.

iPolicy 7000 Series
The iPolicy 7000 series Intrusion Prevention Firewall is a high-performance, ATCA based integrated security system delivering converged IDS/IPS, Firewall, URL filtering, Antispam and Inline Antivirus in one security device.

With two chassis models of varying capacity and an array of network security modules, large enterprises and service providers can easily grow the capacity of the iPolicy 7000 series system as the business grows or security requirements change.

iPolicy 7120 ATCA Chassis System iPolicy 7050 ATCA Chassis System 12 Processing Blades AC/DC, Redundant Power Supply Firewall throughput 48 Gbps 12 million Concurrent Active Sessions Upto 8 X 1G interfaces per switch blade 4 Processing Blades AC/DC, Redundant Power Supply Firewall throughput 16 Gbps 4 million Concurrent Active Sessions Upto 8 X 1G interfaces per switch blade

iPolicy 5000 Series
The iPolicy 5000 series Intrusion Prevention Firewall is a high-performance
2RU platform ideally suited for deployments in large enterprises and managed
security service providers (MSSPs) with a maximum throughput of 6 Gbps.
These carrier-class platforms are designed to meet the most demanding
requirements for performance, availability, and reliability.

The iPolicy 5000 series Intrusion Prevention Firewall delivers integrated network security solutions enabling enterprise and service providers to protect their high-speed networks against current and emerging threats.

iPolicy 5400 System iPolicy 5800 System Firewall throughput 6 Gbps 1 million Concurrent Active Sessions AC/DC, Redundant Power Supply Firewall throughput 8 Gbps 1 million Concurrent Active Sessions AC/DC, Redundant Power Supply

Alternatively, Service Providers may select to restrict their offering to a set of pre-packaged security services. Packages offered may include mitigation of DoS/DDoS attacks, protection from worm and virus propagation, restricted access to pre-set categories of Internet web sites, etc. Each package is implemented with a Security Domain and customers are asked to choose from a list of available options. This alternative MSSP model is attractive to smaller ISPs and smaller Telcos because no costly custom configuration is required. It provides them the opportunity to enhance their connectivity services with low-cost security services that generate high-margin incremental revenue. It also provides a means to differentiate themselves form pure bandwidth providers. In addition to protecting end-user computer equipment from possibly harmful attacks, these services “clean the pipe”, freeing up bandwidth for legitimate traffic. This means the service provider can add more customers without incurring added bandwidth cost.