TippingPoint Intrusion Prevention System
Security Brigade Logo
Services | Products | Compliance | Training | Home | Clients | Contact Us
Menu
Services
Products
Training
Compliance
Whitepapers
Case-Studies
News
Media
Contact Us

Clients / Partners

Search
Datasheet Specifications

Overview

The TippingPoint Intrusion Prevention System (IPS) delivers the most powerful network protection in the world. The TippingPoint IPS is an in-line device that is inserted seamlessly and transparently into the network. As packets pass through the IPS, they are fully inspected to determine whether they are legitimate or malicious. This instantaneous form of protection is the most effective means of preventing attacks from ever reaching their targets.

TippingPoint's Intrusion Prevention Systems provide Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, the TippingPoint IPS protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. TippingPoint's Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.

The system is built upon TippingPoint's Threat Suppression Engine (TSE) - a highly specialized hardware-based intrusion prevention platform consisting of state-of-the-art network processor technology and TippingPoint's own set of custom ASICs. The TippingPoint ASIC-based Threat Suppression Engine is the underlying technology that has revolutionized network protection. Through a combination of pipelined and massively parallel processing hardware, the TSE is able to perform thousands of checks on each packet flow simultaneously. The TSE architecture utilizes custom ASICs, a 20 Gbps backplane and high-performance network processors to perform total packet flow inspection at Layers 2-7. Parallel processing ensures that packet flows continue to move through the IPS with a latency of less than 84 microseconds, independent of the number of filters that are applied.

The TippingPoint TSE architecture also enables traffic classification and rate shaping. Sophisticated algorithms baseline "normal" traffic allowing for automatic thresholds and throttling so that mission critical applications are given a higher priority on the network.

The TippingPoint IPS family offers a range of products that differ in capacity and the number of simultaneous segments they protect.


PERFORMANCE TP 50 TP 200 TP 200E TP 210E TP 600E TP 1200E TP 2400E TP 5000E
Aggregate Throughput 50 Mbps 200 Mbps 200 Mbps 200 Mbps 600 Mbps 1.2 Gbps 2.0 Gbps 5.0 Gbps
Typical Latency < 1  ms < 150 ms < 1 ms < 1 ms < 84 ms < 84 ms < 84 ms < 84 ms
Total Sessions 128,000 2,000,000 500,000 1,000,000 2,000,000 2,000,000 2,000,000 2,000,000
Connections / Sec 5,000+ 130,000 8,000+ 8,000+ 390,000 781,000 1,100,000 1,100,000
Invalid SYNs/Sec Under SYN Flood n/a n/a 60,000 150,000 1,170,000 2,344,000 3,000,000 3,000,000

POWER DISSIPATION TP 50 TP 200 TP 200E TP 210E TP 600E TP 1200E TP 2400E TP 5000E
Units AC AC AC AC AC AC AC AC
Amps (Max. Fused Power) 6/3 6/3 6/3 6/3 6/3 6/3 6/3 6/3
V 100-240 100-240 100-240 100-240 100-240 100-240 100-240 100-240
Efficiency 72% 68% 72% 72% 68% 68% 68% 68%
Freq. Range (Hz) 50-60 50-60 50-60 50-60 50-60 50-60 50-60 50-60

HIGH AVAILABILITY

  • Dual-Power Supplies (on models 200 and above, excluding 200E & 210E)
  • Layer 2 Fallback
  • Active-Active or Active-Passive Stateful Redundancy (IPS + SMS)
  • Zero Power High Availability
  • SMS: Fault Tolerant Configurations Available Security Certification
  • Common Criteria EAL2
  • Analyzer, Sensor, Scanner, System

THIRD PARTY CERTIFICATIONS/AWARDS/DESIGNATIONS

  • ICSA Labs Network IPS Certification (5000E)
  • Leaders Quadrant – Gartner IPS Magic Quadrant, 2H’06
  • Information Security Magazine - 2007 Reader’s Choice Award
  • Frost & Sullivan Market Penetration Leadership Award – IDS/IPS Market (2005, 2006, 2007)
  • Info Security Products Guide – Tomorrow’s Technology Today
  • Intrusion Prevention Award (2006)
  • Frost & Sullivan Award for Technology Leadership (2005, 2006)
  • Network World China Editor’s Award (2006)
  • Frost and Sullivan 2005 Network Security Infrastructure
  • Protection Entrepreneurial Company of the Year
  • Aberdeen Group – Best Practices Award for Security 2005
  • Info Security Products Guide – Best Deployment Scenario 2005
  • Channel Awards 2005 – Best Corporate Appliance Security Solution (50)
  • The NSS Group – NSS Gold Award 2004
  • SC Global Awards – Best Security Solution 2005
  • Information Security Magazine – IPS Product of the Year 2004
  • SC Magazine Best Buy of 2004, 2005
  • SANS Institute Trusted Tool
  • IDG 2004 Network Protection Product of the Year
  • eWeek Excellence Award – Enterprise Resource Protection
  • eWeek Labs Analyst’s Choice
  • CompTIA Best New Product 2003
  • The Tolly Group – Up To Spec
  • University Business Magazine “Show Stopper” Award

ATTACK FILTERS

  • Number of Attack Filters - 3,000+
  • Categories
    • Worm, Phishing, Spyware, Virus, Trojan, P2p, VoIP, Suspicious, Reconnaissance, Walk-In Worm, Backdoor, DDoS, Bandwidth Hi-jacking, Blended Threat, Zero Day Initiative.

PROTOCOLS

  • IP, DNS, VLAN, IMAP, TCP, RPC, MPLS, SMB, ICMP, HTTP, FTP, Telnet, SMTP, UDP.

ACTIONS

  • Block, Copy, Log, Quarantine, Permit, Alert, E-Mail, Rate Limit.

MESSAGING

  • E-Mail, Script, Pager, Syslog, SNMP.

LED INDICATORS

  • Status
  • Network Activity
  • Link State
  • System Power

MANAGEMENT INTERFACES

  • 1 10/100 Ethernet
  • 1 Serial Port
  • 1 Front Panel LCD

ATTACK FILTER DELIVERY SERVICE

  • Digital Vaccine® Real-Time Inoculation

SYSTEM MANAGEMENT (THREE OPTIONS)

  • Command Line Interface (CLI)
  • Local Security Manager (LSM)
    • On-Box Web-based Management
  • Enterprise Security Management System (SMS)
    • Manages multiple TippingPoint systems
    • 1U Appliance
    • Operating System – TippingPoint OS
    • Client Requirements – Windows XP, 2000, NT or 9X, or Linux with X-Windows

SAFETY

  • UL1950 (200, 1200E, 2400E)
  • UL60950 (50, 200E, 600E, 1200E, 2400E, 5000E)
  • Standard for Safety of Information Technology Equipment
    • CSA 22.2-60950
    • EN60825: Safety of Laser Products
    • EN60950
    • IEC60950
    • ROHS Compliance

IMMUNITY

  • EN-61000-3-2: Harmonic Emissions
  • EN-61000-3-3: Voltage Fluctuations and Flicke
  • EN-61000-4-2: ESD Immunity
  • EN-61000-4-3: Radiated Immunity
  • EN-61000-4-4 EFT: Burst Transients
  • EN-61000-4-5: Surge Protection
  • EN-61000-4-6: Injected RF
  • EN-61000-4-11: Dips and Sags

Features

Protection has never been more powerful. TippingPoint is the industry’s leading Intrusion Prevention System (IPS), unrivaled in security, performance, high availability and ease-of-use. As the only Intrusion Prevention System to receive the NSS Gold Award and to be certified as the first multi-gigabit Network IPS by ICSA Labs, among many other awards, TippingPoint is the defining benchmark for network-based intrusion prevention.

TippingPoint's IPS offers many features such as:

  • Switch-Like Performance
    • Switch-Like Performance
    • Multi-Gigabit Per Second Attack Filtering
    • Latency < 84 μsec
    • Real World TCP/UDP Traffi c Mix
    • Two Million+ Simultaneous Sessions
      • TCP/UDP/ICMP
    • 1,000,000+ Connections Per Second
  • Comprehensive Threat Protection
    • VoIP
    • Phishing
    • Worms
    • Quarantine
    • OS Vulnerabilities
    • DDoS
    • P2P
    • Spyware
    • Viruses
    • ZDI
  • Client and Server Protection
    • Prevent Attacks on Vulnerable Applications & Operating Systems
    • Eliminate Costly Ad-Hoc Patching
    • Multiple Filtering Methods
  • Network Infrastructure Protection
    • Protect Cisco IOS, DNS and Other Infrastructure
    • Protect Against Traffic Anomaly, DDoS, SYN Floods, Process Table Floods\
    • Access Control Lists
  • Traffic Normalization
    • Increase Network Bandwidth and Router Performance
    • Normalize Invalid Network Traffic
    • Optimize Network Performance
  • Application Performance Protection
    • Increase Bandwidth and Server Capacity
    • Rate-Limit or Block Unwanted Traffic (P2P/IM)
    • Guarantee Bandwidth for Critical Applications
  • Digital Vaccine® Real-Time Inoculation
    • World-Renowned Security Research Team
    • Protection Against Zero-Day Attacks
    • Automatic Distribution of Latest Filters
  • Security Management System
    • Manage Multiple TippingPoint Systems
    • At-A-Glance Dashboard
    • Automatic Reporting
    • Device Configuration and Monitoring
    • Advanced Policy Definition and Forensic Analysis
  • High Availability and Stateful Network Redundancy
    • Dual-Power Supplies
    • Layer 2 Fallback
    • Active-Active or Active-Passive Stateful
  • Redundancy (IPS & SMS)
    • Zero Power High Availability

Benefits

TippingPoint’s Intrusion Prevention System provides continuous benefits in any network environment:

  • Automatically Block Attacks by blocking attacks and allowing IT staff to test security patches before deployment, system uptime is ensured.
  • TippingPoint’s Digital Vaccine filters alleviate the need for adhoc and emergency patching.
  • Blocking malicious traffic and rate shaping rogue applications can increase bandwidth availability by 40-70 percent.
  • Accelerate Network Performance by continually cleansing the network of malicious and unwanted traffic, network performance is accelerated for mission critical applications.
  • TippingPoint solutions decrease IT security cost by eliminating ad-hoc patching and alert response, while simultaneously increasing IT productivity and profitability through bandwidth savings and protection of critical applications.
  • Removes the need to clean up after cyber attacks have compromised network servers and workstations. No more ad-hoc and emergency patching and no more out of control, rogue applications like Peer-to-Peer and Instant Messaging running rampant throughout the network.
  • Allow TippingPoint's revolutionary architectural approach to block cyber-attacks at multi-gigabit speeds with extremely low latency.
  • Enjoy the benefit of TippingPoint's ASIC-based Threat Suppression Engine (TSE) that has revolutionized network protection.
  • Ensure that packet flows continue to move through the IPS with a bounded latency of less than 84 ms, independent of the number of filters that are applied.
  • Easy to deploy and manage with its ability to interoperate with all kinds of software.
  • Sophisticated algorithms baseline “normal” traffic, allowing for automatic thresholds and throttling so that mission critical applications are given a higher priority on the network.
  • TippingPoint performs comprehensive total packet flow inspection through Layer 7 to continually cleanse Internet and Intranet traffic and accurately eradicate attacks.
  • Stay protected against new threats before vulnerabilities are disclosed to the public with TippingPoint's Zero-Day Initiative.
  • Ongoing threat prevention against emerging vulnerabilities through the Digital Vaccine service.
  • TippingPoint Security Management System (SMS) is a hardened appliance that provides global vision and control for the TippingPoint IPS.
  • TippingPoint SMS is a rack mountable appliance that features a state-of-the-art secure Java client interface that enables “big picture” analysis with trending reports, correlation and real-time graphs on traffic statistics, fi ltered attacks, network hosts and services, as well as IPS inventory and health.
  • The TippingPoint IPS is deployed seamlessly into the network with no IP address or MAC address and immediately begins filtering out malicious and unwanted traffic.
  • The extremely high speed and low latency capabilities of the IPS enable deployment at the network edge or core, protecting from external as well as internal threats.
  • State of the art “Recommended Filter” settings allow instant deployment out-of-thebox with no tuning required.
  • Designed to ensure that network traffic always flows at wire speed in the event of network error, internal device error or even complete power loss.
Copyright 2006 Security Brigade