Overview
Organizations today are in the constant shadow of evolving and sophisticated cyber threats. In some cases, these threats are not only more complex than those of the past, but they are also targeted and rely on newly discovered vulnerabilities or exploits. In other cases, threats take advantage of older vulnerabilities that you thought were long forgotten. Safeguarding your network assets and data from such threats requires detailed visibility into all your network layers and resources. It requires comprehensive, up-to-date security intelligence, and a dynamic approach that uses awareness and automation to adapt to new threats, new vulnerabilities, and everyday network changes.
These vastly different threats require a multi-pronged approach to security. Organizations need robust security solutions at the edge of and inside their networks to prevent malicious attacks from getting to critical resources. They also need comprehensive threat intelligence to protect against known, unknown, and undisclosed vulnerabilities.
Trend Micro TippingPoint Threat Protection System (TPS) is a powerful network security platform that offers comprehensive threat protection against known and undisclosed vulnerabilities with high accuracy. TippingPoint TPS provides industry-leading coverage across different threat vectors from advanced threats, like malware and phishing, with extreme flexibility and high performance. The TippingPoint TPS uses a combination of technologies, including deep packet inspection, threat reputation, URL reputation, and advanced malware analysis on a flowby-flow basis—to detect and prevent attacks on the network. The TippingPoint TPS enables enterprises to take a proactive approach to security, providing comprehensive contextual awareness and deeper analysis of network traffic. This complete contextual awareness, combined with the threat intelligence from Trend Micro™ TippingPoint Digital Vaccine Labs (DVLabs) provides the visibility and agility necessary to keep pace with today’s dynamic, evolving enterprise and data center networks.
Pre-emptive threat prevention
TippingPoint TPS, deployed inline, has the ability to inspect and block all directions of traffic (inbound, outbound, and lateral) in real time to protect against known, unknown, and undisclosed vulnerabilities.
Threat insight and prioritization
Visibility and insight is crucial to making the best security policy decisions. TippingPoint TPS delivers complete visibility across your network and provides the insight and context needed to measure and drive threat prioritization.
Real-time enforcement and remediation
Defend the network from the edge, to the data center, and to the cloud with realtime, inline enforcement and automated remediation of vulnerable systems. TippingPoint TPS achieves a new level of inline, real-time protection, providing proactive network security for today’s and tomorrow’s real-world network traffic and data centers. The Threat Suppression Engine (TSE) architecture performs high-speed, inline deep packet traffic inspection, and the purpose-built appliance’s modular design enables the convergence of additional security services.
Operational simplicity
With flexible deployment options that are easy to set up and manage through a centralized management interface, TippingPoint TPS provides immediate and ongoing threat protection with outof-the-box recommended settings.
Features
Threat Prevention
Go beyond next-gen IPS with real-time detection, enforcement, and remediation
TippingPoint integrates with the Deep Discovery Advanced Threat Protection solution to detect and block targeted attacks and malware through preemptive threat prevention, threat insight and prioritization, and real-time enforcement and remediation.
- Inspect and block inbound, outbound, and lateral network traffic in real time
- Defend the network with real-time, inline enforcement and automated remediation of vulnerable systems
- Use machine learning techniques to make real-time decisions to immediately and accurately block malicious traffic
Dynamic Scalability
Performance scalability and flexibility for the most demanding network requirements
Delivers unprecedented security and performance for high-capacity, high-performance enterprise networks. It scales performance requirements to protect data, critical infrastructures, and vulnerable applications in real time without adversely affecting network performance and is designed to follow your network wherever it moves whether it’s physical or virtual.
- Scale performance from 250 Mbps up to 120 Gbps
- Deploy up to 40 Gbps inspection throughput in a market-leading 1U form factor
- Embraces software-defined network protection by deploying IPS as a service
Deep Inspection
Comprehensive threat insight and prioritization
Gain complete visibility across your network with the insight and context needed to measure and drive vulnerability threat prioritization. Deep inspection of network traffic identifies and blocks threats undetected by traditional security solutions.
- Eliminate SSL blind spots by inspecting encrypted traffic without compromising network performance
- Submit potential indicators of compromise (IoC) to Deep Discovery for advanced threat analysis
- Monitor and block URL suspicious objects with additional support for user-provided malicious entries
Flexible Deployment
Deployment flexibility and investment protection
With flexible deployment options that are easy to setup and manage through a centralized management interface, TippingPoint provides immediate and ongoing threat protection with out-of-the-box recommended settings.
- Simplify security operations with flexible deployment options that are easy to setup and manage
- Reassign licenses across TPS deployments without changing network infrastructure
- Easily scale performance and security requirements with pay-as-you-grow licensing model
Specifications
Front
- I/O modules
- SP ports
- External storage 1.8-inch SSD (32 GB)
- Stack Master LED
- Stack LED
- Bypass LED
- Health LED
- GbE management port
- Power button
- RJ-45 console port
Rear
- Fan modules - fans are numbered from left to right (Fan 1 is on the left; Fan 7 is on the right)
- Power supply modules (Power supply 1 is on the left; Power supply 2 is on the right)
- DC grounding lug screw holes
|
1100TX
(TPNN0321) |
5500TX
(TPNN0322) |
8200TX
(TPNN0090) |
8400TX
(TPNN0091) |
Supported IPS Inspection Throughput |
250/500 Mbps/1 Gbps |
1/2/3/5 Gbps |
3/5/10/15/20/30/40 Gbps |
3/5/10/15/20/30/40 Gbps |
SSL Inspection(2K Keys with ECDHE-RSA-AES256- GCM-SHA384) |
Not available |
Up to 3.5 Gbps (capped by IPS inspection throughput) |
Up to 8 Gbps (capped by IPS inspection throughput) |
Up to 8 Gbps (capped by IPS inspection throughput) |
New SSL Connections per Second |
Not available |
3,500 |
7,000 |
7,000 |
SSL Concurrent Connections |
Not available |
80,000 |
100,000 |
100,000 |
Latency |
<100 μs |
<60 μs |
<40 μs |
<40 μs |
Concurrent Sessions |
15,000,000 |
30,000,000 |
120,000,000 |
120,000,000 |
New Connections per Second |
100,000 |
400,000 |
650,000 |
650,000 |
MTBF (Mean Time Between Failures) |
93,177 hours @ 25°C ambient |
75,660 hours @ 25°C ambient |
88,706 hours @ 25°C ambient |
88,706 hours @ 25°C ambient |
Form Factor |
1RU |
1RU |
1RU |
2RU |
Weight |
14.5 lbs (6.58 Kg) |
17.5 lbs (7.94 Kg) |
32 lbs (max including IOMs)
29 lbs (w/ blank IOMs) |
50 lbs (max including IOMs)
41.5 lbs (w/ blank IOMs) |
Dimensions (W x D x H) |
18.54” (W) x 17.90” (D) x 1.73” (H)
47.09 cm x 45.47 cm x 4.40 cm |
18.54” (W) x 17.90” (D) x 1.73” (H)
47.09 cm x 45.47 cm x 4.40 cm |
16.78” (W) x 17.3” (D) x 1.72” (H)
42.62 cm x 45.00 cm x 4.40 cm |
16.77” (W) x 18.70” (D) x 3.46” (H)
42.60 cm x 47.50 cm x 8.80 cm |
Management Ports |
One out-of-band 10/100/1000 RJ-45, one RJ-45 serial |
Management Interface |
SMS, local web console, command-line, SNMPv2c, SNMPv3 (Trend Micro TippingPoint MIB available) |
Network I/O Module Slots |
1 |
2 |
2 |
4 |
Network Connectivity |
Mix of modules listed below |
Mix of modules listed below |
Mix of modules listed below |
Mix of modules listed below |
On-Box Storage |
8 GB internal CFAST / 8 GB external 1.8” SSD |
32 GB Internal CFAST / 32 GB External 1.8” SSD |
32 GB hot-swappable 1.8” SSD module |
32 GB hot-swappable 1.8” SSD module |
Voltage |
100-240 VAC, 50-60 Hz |
100-240 VAC, 50-60 Hz |
100 to 240 VAC/-40 to -60 VDC |
100 to 240 VAC/-40 to -60 VDC |
Current (max. fused power) |
4-2 A |
4-2 A |
12/6 amps AC, 24/16 amps DC |
12/6 amps AC, 24/16 amps DC |
Max. Power Consumption |
250 W (853 BTU/hour) |
220W (751 BTU/hour) |
750 W (2,557BTU/hour) |
750 W (2,557BTU/hour) |
Power Supply |
Single field replaceable |
Dual/ redundant hotswappable/field replaceable |
Dual/redundant hot-swappable |
Dual/redundant hot-swappable |
Operating Temperature |
32°F to 104°F (0°C to 40°C) |
Operating Relative Humidity |
5% to 95% non-condensing |
Non-Operating/Storage Temperature |
-4°F to 158°F (-20°C to 70°C) |
Non-Operating/Storage Relative Humidity |
5% to 95% non-condensing |
Altitude |
Up to 10,000 feet above MSL (3,048 m) |
Safety |
UL 60950-1, IEC 60950-1EN 60950-1,CSA 22.2 60950-1RoHS compliance |
EMC |
Class A, FCC, VCCI, KC EN55022, CISPR 22, EN55024 CISPR 24, EN61000-3-2 EN61000-3-3, CE marking |
Cloud Network IPS Technical Specifications
Amazon Web Services (AWS) Instance Type |
C5.2xlarge |
C5.9xlarge and F1.2xlarge |
IPS Inspection Throughput |
22.5 Gbps |
Up to 10 Gbps* |
Latency |
<100 μs |
<100 μs |
Concurrent Connections |
7.5M |
12M |
New Connections Per Second |
75,000 |
100,000 |
*AWS infrastructure may restrict sustained throughput rates to lower amounts. This is specific to the Amazon Elastic Compute Cloud (EC2) instance type. For more information, please contact AWS. Note: We test using our recommended default policy with representative traffic mixes. Your deployment may vary—infrastructure changes, policy, or changes from the representative traffic mix may impact your results. Additionally, your EC2 instance type may enforce sustained throughput restrictions.
Tippingpoint I/O Modules
TippingPoint IO Module Description |
Product SKU |
TippingPoint IO Module: 6-segment Gig-T Rev B |
TPNN0196 |
TippingPoint IO Module: 6-segment GbE SFP |
TPNN0068 |
TippingPoint IO Module: 4-segment 10 GbE SFP+ |
TPNN0060 |
TippingPoint IO Module: 1-segment 40 GbE QSFP+ |
TPNN0069 |
TippingPoint IO Module: 4-segment Gig-T Bypass |
TPNN0070 |
TippingPoint IO Module: 2-segment 1 G Fiber SR Bypass |
TPNN0071 |
TippingPoint IO Module: 2-segment 1 G Fiber LR Bypass |
TPNN0072 |
TippingPoint IO Module: 2-segment 10 G Fiber SR Bypass |
TPNN0073 |
TippingPoint IO Module: 2-segment 10 G Fiber LR Bypass |
TPNN0074 |
TippingPoint IO Module: 1-segment 40GbE LR4 Bypass |
TPNM0132 |
TippingPoint IO Module: 1-segment 40GbE SR4 Bypass |
TPNM0131 |