Tipping Point                       Overview             Features             Specifications

TippingPoint's Intrusion Prevention Systems provide Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, the TippingPoint IPS protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. TippingPoint's Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.

The system is built upon TippingPoint's Threat Suppression Engine (TSE) - a highly specialized hardware-based intrusion prevention platform consisting of state-of-the-art network processor technology and TippingPoint's own set of custom ASICs. The TippingPoint ASIC-based Threat Suppression Engine is the underlying technology that has revolutionized network protection. Through a combination of pipelined and massively parallel processing hardware, the TSE is able to perform thousands of checks on each packet flow simultaneously. The TSE architecture utilizes custom ASICs, a 20 Gbps backplane and high-performance network processors to perform total packet flow inspection at Layers 2-7. Parallel processing ensures that packet flows continue to move through the IPS with a latency of less than 84 microseconds, independent of the number of filters that are applied.

The TippingPoint TSE architecture also enables traffic classification and rate shaping. Sophisticated algorithms baseline "normal" traffic allowing for automatic thresholds and throttling so that mission critical applications are given a higher priority on the network.

The TippingPoint IPS family offers a range of products that differ in capacity and the number of simultaneous segments they protect.

  • TippingPoint 10

  • TippingPoint 110

  • TippingPoint 330

  • TippingPoint 210E

  • TippingPoint 600E

  • TippingPoint 1200E

  • TippingPoint 2400E

  • TippingPoint 5000E

  • TippingPoint 660N

  • TippingPoint 1400N

  • TippingPoint 2500N

  • TippingPoint 5100N

  • TippingPoint SMS (Enterprise-Level Management System)

  • TippingPoint ZPHA (Zero Power High Availability)

The integral part of the TippingPoint solution is the Digital VaccineŽ Service. Developed by TippingPoint's world-renowned security researchers (DVLabs), the Digital Vaccine service delivers comprehensive security filters to TippingPoint Intrusion Prevention Systems to to pre-emptively protect against the exploit of new and zero-day vulnerabilities. These filters, created to block multiple attack variants on a single vulnerability versus a simple exploit, provide attack recognition accuracy without compromising network performance. Digital Vaccine updates are automatically delivered twice a week, or immediately when critical vulnerabilities and threats emerge. TippingPoint's "Recommended Settings" provide preconfigured policies to automatically and accurately block attacks without any tuning, significantly reducing the amount of time and resources required to protect and maintain a healthy network.