Intrusion detection-prevention (IDS-IPS)
TippingPoint Intrusion Prevention System
One of the most critical components of any IT security program is the ability to detect or prevent network intrusions before the attacker is able to do real damage. Asked which IDS/IPS system best meets the challenge, readers gave the highest marks to TippingPoint's Intrusion Prevention System (IPS).
The TippingPoint IPS is an inline device that gives packets a thorough inspection to determine if they're malicious. This instantaneous protection is the most effective means of preventing attacks from reaching their targets, says Neal Hartsell, TippingPoint's VP of marketing.
"Customers are looking for an inline device that actively takes malicious traffic out of their network--plain and simple," he says. "Customers come to us and say they want the traffic removed in a transparent way that doesn't affect network infrastructure or user connectivity."
According to the vendor's Web site, TippingPoint IPS provides application, performance and infrastructure protection at gigabit speeds through total packet inspection. Application protection capabilities provide fast, accurate, reliable protection from internal and external cyberattacks. The product is designed to protect VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies.
The system is built upon TippingPoint's Threat Suppression Engine (TSE)--a hardware-based intrusion prevention platform consisting of state-of-the-art network processor technology and TippingPoint's custom ASICs. The TSE architecture utilizes a 20-Gbps backplane and high-performance network processors to perform total packet flow inspection at Layers 2-7. Parallel processing ensures that packet flows continue to move through the IPS with a latency of less than 84 microseconds, independent of the number of filters applied.