Professional Documents
Culture Documents
Tippingpoint Intrusion Prevention System (Ips)
Tippingpoint Intrusion Prevention System (Ips)
Protection has never been more powerful. TippingPoint is the industry’s leading Intrusion Prevention System (IPS), unrivaled in
security, performance, high availability and ease-of-use. As the only Intrusion Prevention System to receive the NSS Gold Award
and to be certified as the first multi-gigabit Network IPS by ICSA Labs, among many other awards, TippingPoint is the defining
benchmark for network-based intrusion prevention.
Features and Benefits Proactive Network Security revolutionary architectural approach needed for
Intrusion Detection Systems, by definition, only true Intrusion Prevention. Traditional software
Switch-Like Performance
• Multi-Gigabit Per Second Attack Filtering detect and do not block unwanted traffic. The and appliance solutions operate on general-
• Latency < 84 μsec TippingPoint IPS operates in-line in the network, purpose hardware and processors and are
• Real World TCP/UDP Traffic Mix
• Two Million+ Simultaneous Sessions blocking malicious and unwanted traffic, while simply unable to perform without degrading
– TCP/UDP/ICMP allowing good traffic to pass unimpeded. In network performance. Through rigorous third-
• 1,000,000+ Connections Per Second
fact, TippingPoint optimizes the performance of party testing, TippingPoint has demonstrated
Comprehensive Threat Protection good traffic by continually cleansing the network Intrusion Prevention at multi-gigabit speeds,
• VoIP • Phishing • Worms • Quarantine
• OS Vulnerabilities • DDoS • P2P and prioritizing applications that are mission with extraordinary attack prevention accuracy.
• Spyware • Viruses • ZDI critical. TippingPoint’s high performance and
Client and Server Protection extraordinary intrusion prevention accuracy have Threat Suppression Engine
• Prevent Attacks on Vulnerable Applications &
Operating Systems redefined network security, and fundamentally TippingPoint’s ASIC-based Threat Suppression
• Eliminate Costly Ad-Hoc Patching changed the way people protect their Engine (TSE) is the underlying technology that
• Multiple Filtering Methods
organization. has revolutionized network protection. Through
Network Infrastructure Protection a combination of pipelined and massively
• Protect Cisco IOS, DNS and Other Infrastructure It is no longer necessary to clean up after parallel processing hardware, the TSE is able to
• Protect Against Traffic Anomaly, DDoS, SYN
Floods, Process Table Floods cyber attacks have compromised network perform thousands of checks on each packet
• Access Control Lists servers and workstations. No more ad-hoc and flow simultaneously. The TSE architecture
Traffic Normalization emergency patching and no more out of control, utilizes custom ASICs, a 20 Gbps backplane
• Increase Network Bandwidth and Router rogue applications like Peer-to-Peer and Instant and high-performance network processors to
Performance
• Normalize Invalid Network Traffic Messaging running rampant throughout the perform total packet flow inspection at Layers
• Optimize Network Performance network. Denial-of-Service (DoS) attacks that 2-7. Parallel processing ensures that packet
Application Performance Protection choke Internet connections or crash mission flows continue to move through the IPS with a
• Increase Bandwidth and Server Capacity critical applications are a thing of the past. bounded latency of less than 84 microseconds,
• Rate-Limit or Block Unwanted Traffic (P2P/IM)
• Guarantee Bandwidth for Critical Applications independent of the number of filters that are
TippingPoint solutions decrease IT security applied.
Digital Vaccine® Real-Time Inoculation cost by eliminating ad-hoc patching and alert
• World-Renowned Security Research Team
• Protection Against Zero-Day Attacks response, while simultaneously increasing IT “The TippingPoint IPS is the best security solution I
• Automatic Distribution of Latest Filters productivity and profitability through bandwidth have come across. Its performance has been nothing
savings and protection of critical applications. short of amazing. The solution more than paid for itself
Security Management System
• Manage Multiple TippingPoint Systems within the first year. It’s simple to deploy and manage
• At-A-Glance Dashboard because it can interoperate with all kinds of hardware.”
• Automatic Reporting
Unparalleled Performance
• Device Configuration and Monitoring Blocking cyber-attacks at multi-gigabit speeds Richard Cross, Information Security Officer
• Advanced Policy Definition and Forensic Analysis with extremely low latency requires purpose- Toyota Motor Europe
High Availability and Stateful Network Redundancy built hardware. TippingPoint has taken such a
• Dual-Power Supplies
• Layer 2 Fallback
• Active-Active or Active-Passive Stateful
Redundancy (IPS & SMS)
• Zero Power High Availability
TippingPoint Intrusion Prevention System
1
Frost and Sullivan press release. “Frost & Sullivan Recognizes TippingPoint’s Valuable Contribution to Vulnerability Research.” 11 May 2007 Frost & Sullivan.
http://www.frost.com/prod/servlet/press-release.pag?docid=98552761&ctxst=FcmCtx1&ctxht=FcmCtx2&ctxhl=FcmCtx3&ctxixpLink=FcmCtx3&ctxixpLabel=FcmCtx4