Comprehensive network security through actionable security intelligence
The TippingPoint® Threat Protection System (TPS) integrates with the TippingPoint Advanced Threat Protection product family, rated as “Recommended” in the NSS Labs Breach Detection System report three years in a row. Together they detect and block targeted attacks and advanced threats through pre-emptive threat prevention, threat insight and prioritization, and real-time enforcement and remediation.
TippingPoint TPS eliminates SSL blind spots by inspecting encrypted SSL traffic on the same box without compromising network performance, using the same management and graphical interface. Administration is simple and minimizes IT configuration and management demands. Policy-based control provides the ability to determine which SSL encrypted flows should be decrypted for inspection purposes.
TippingPoint TPS gives you the flexibility necessary to keep pace with today’s dynamic, evolving enterprise networks, and is designed to follow your network wherever it moves, whether it’s physical or virtual.
TippingPoint TPS enables faster time-to-security through a simple management interface that is easy-to-use and manage. It provides a unified policy and element management across the entire TippingPoint deployment.
||TippingPoint Standard Virtual vTPS Appliance|
|VMWare ESXi 5.5, 6.0|
|KVM – Redhat Enterprise Linux 6, 7|
|Network Drivers||VMWare – VMXNet3|
|KVM – virtIO|
|Number of logical cores||3 or 4|
|Memory required||8 GB|
|Disk space required||16GB|
|Virtual Appliance Specifications|
|Performance||Includes 500Mbps inspection license|
|IPS Concurrent connections||1,000,000|
|New connections per second||Up to 120K VMware
Up to 60K KVM
|Number of network segments||1|
|Number of virtual segments||No limit|
||Threat Protection System 440T TPNN0002||Threat Protection System 2200T TPNN0005|
|IPS Inspection Throughput||500Mps Upgradeable to 1Gbps||1 Gbps upgradeable to 2 Gbps|
|SSL Inspection||Not Available||Available|
|Latency||<100 microseconds||<100 microseconds|
|New Connections per second||70,000||115,000|
|Weight||15.28 lbs. (6.93Kg)||26.26 lbs. (11.91Kg)|
|Dimensions (Wxdxh)||16.78 in.(W) x 17.3 in.(D) x 1.72 in.(H)
42.62 cm x 45.00 cm x 4.40cm
|16.77 in. (W) x 18.70 in.(D) x 3.46 in.(H)
42.60 cm x 47.50 cm x 8.80 cm
|Management Ports||One out-of-band 10/100/1000 RJ-45
One RJ-45 serial console
Manageable via Security Management System(SMS), LSM HTTPS web interface, Command-line, TippingPoint MIB
|Network Connectivity||Eight 10/100/1000 RJ-45 ports and integrated bypass
One 10/100/1000 RJ-45 high availability ports
|Eight 10/100/1000 RJ-45 ports with integrated bypass support
8 x 1G SFP
4 x 10G SFP+
One 10/100/1000 RJ-45 High Availability ports
Support for external ZPHA for SFP/SFP+
|On-box Storage||8 GB solid state replaceable CFast flash drive|
|Voltage||100-240 VAC, 50-60 Hz|
|Current (max. fused power)||4-2 A||12-6 A|
|Max power consumption||250W(853 BTU/hour)||493W(1,682 BTU/hour)|
|Power supply||Single fixed||Dual, redundant hot-swappable|
|Operating temperature||32°F to 104°F(0°C to 40°C)|
|Operating relative humidity||5% to 95% non-condensing|
|Non-operating/storage temperature||-4°F to 158°F(-20°C to 70°C)|
|Non-operating/storage relative humidity||5% to 95% non-condensing|
|Altitude||Up to 10,000 feet (3,048m)|
|Safety||UL 60950-1, IEC 60950-1
EN 60950-1,CSA 22.2 60950-1
|EMC||Class A, FCC, VCCI, KC
EN55022, CISPR 22, EN55024
CISPR 24, EN61000-3-2
EN61000-3-3, CE Marking
||2200T 1Gbps||2200T 2Gbps|
|IPS + SSL Throughput||500 Mbps + 500 Mbps||1.5 Gbps + 500 Mbps|
|New Connections per second 1,200 1,200||1,200||1,200|
|Supported Cipher Suites||1k, 2k, 4k|
Using a combination of technologies such as deep packet inspection and threat reputation, the TPS provides organisations with a proactive approach to security. Our technology discovers and actively blocks attempts from known, undisclosed, and unknown vulnerabilities.
Flexible physical and virtual deployment options coupled with automatic recommended settings provide immediate and on-going threat protection with little manual effort. Relying on vulnerability-based filters with threat intelligence from the Zero Day Initiative and DVLabs, the TPS provides an effective barrier to all attempts to exploit known, undisclosed, and unknown vulnerabilities. Vulnerabilities are neutralised often months and weeks in advance of a patch.
Digital Vaccine filters maximise protection with machine learning to create mathematical models to predict whether network traffic is malicious or benign. These models are evaluated against network traffic and the TPS makes real-time decisions to immediately and accurately block malicious traffic that emulates known or unknown malware family characteristics with minimal impact on network performance.
Powered by real-time, in-line threat intelligence, our technology protects critical data, applications, and infrastructure without affecting network performance. This complete contextual awareness, combined with the threat intelligence from Digital Vaccine Labs (DVLabs) provides the visibility and agility necessary to keep pace with today’s dynamic, evolving enterprise networks.