Trend Micro TippingPoint Threat Protection System 9200TXE
Real-time detection, enforcement, and remediation without compromising security or performance

Overview

Your organization is in the constant shadow of evolving and sophisticated cyber threats. In some cases, these threats are not only more complex than those of the past, but they are also targeted and rely on newly discovered vulnerabilities or exploits. In other cases, threats take advantage of older vulnerabilities that you thought were long forgotten. Safeguarding your network assets and data from such risks involves detailed visibility into all your network layers and resources. It requires comprehensive, up-to-date security intelligence and a dynamic approach that uses awareness and automation to adapt to new threats, new vulnerabilities, and everyday network changes.

These vastly different threats require a multi-pronged approach to security. Organizations need robust security solutions at the edge of and inside their networks to prevent malicious attacks from getting to critical resources. They also need comprehensive threat intelligence to protect against known, unknown, and undisclosed vulnerabilities.

Trend Micro TippingPoint Threat Protection System (TPS) is a powerful network security platform that offers comprehensive threat protection against known and undisclosed vulnerabilities with high accuracy. TippingPoint TPS provides industry-leading coverage across different threat vectors from advanced threats, like malware and phishing, with extreme flexibility and high performance. The TippingPoint TPS uses a combination of technologies, including deep packet inspection, threat reputation, URL reputation, and advanced malware analysis on a flowby-flow basis—to detect and prevent attacks on the network. The TippingPoint TPS enables enterprises to take a proactive approach to security, providing comprehensive contextual awareness and deeper analysis of network traffic. This complete contextual awareness, combined with the threat intelligence from Trend Micro™ TippingPoint Digital Vaccine Labs (DVLabs) provides the visibility and agility necessary to keep pace with today’s dynamic, evolving enterprise and data center networks.

Features

TippingPoint Threat Protection Extended to the Cloud:

Trend Micro™ Cloud Network Protection, powered by TippingPoint, is a robust, inline security solution that allows your enterprise to extend your existing TippingPoint network protection to your hybrid cloud environments. Offering comprehensive threat protection—including virtual patching, shielding against vulnerabilities, blocking exploits, and defending against known and zero-day attacks with high accuracy—you get industry-leading coverage across multiple threat vectors. Apply your TippingPoint security controls and policies to your cloud environments via your existing Security Management System (SMS).

On-Box SSL Inspection:

Sophisticated and targeted attacks are increasingly using encryption to evade detection. TippingPoint TPS reduces your security blind spots created by encrypted traffic with on-box SSL inspection.

Performance Scalability:

The increase in data center consolidation and proliferation of cloud environments requires security solutions that can scale as network demands increase. TippingPoint TPS delivers unprecedented security and performance for your high-capacity networks. This includes a scalable deployment model, featuring the industry’s first 100 Gbps next-generation intrusion prevention system (NGIPS) in a 1U form factor—with the ability to scale up to 0.5 Tbps (500 Gbps) aggregate in a 5U form factor.

Flexible Licensing Model:

Easily scale performance and security requirements with a payas-you-grow approach and flexible licenses that can be reassigned across TippingPoint TPS deployments without changing your network infrastructure.

Real-Time Machine Learning:

Many security threats are short-lived and constantly evolving, at times limiting the effectiveness of traditional signature and hash-based detection mechanisms. TippingPoint TPS uses statistical models, developed with machine learning techniques, so you can detect and mitigate threats in real time.

Enterprise Vulnerability Remediation (eVR):

Quickly remediate vulnerabilities by integrating third-party vulnerability assessments with the TippingPoint solution portfolio. Your team can pull in information from various vulnerability management and incident response vendors (Rapid7, Qualys, Tenable) to map Common Vulnerabilities and Exposures (CVE) to TippingPoint DV filters and act accordingly.

Advanced Threat Analysis:

Extend protection from unknown threats through integration with Trend Micro™ Deep Discovery™ Analyzer. TippingPoint TPS pre-filters known threats, forwards potential threats for automated sandbox analysis, and remediates in real time upon confirmation of malicious content.

High Availability:

Ideal for inline deployment, TippingPoint TPS provides you with multiple fault-tolerant features, including hot swappable power supplies, watchdog timers to continuously monitor security and management engines, built-in inspection bypass, and zero power high availability (ZPHA). In addition, you can provision TippingPoint TPS using redundant links in a transparent active-active or active-passive high availability (HA) mode.

Integrated Advanced Threat Prevention:

TippingPoint TPS integrates with Deep Discovery™ advanced threat detection solutions.

Asymmetric Traffic Inspection:

Traffic asymmetry is widespread and pervasive throughout enterprise and data center networks. To fully protect your networks, you must overcome challenges from both flow and routing asymmetry. By default, TippingPoint TPS inspects all types of traffic, including asymmetric traffic, and applies security policies to ensure comprehensive protection.

Agility and Flexibility:

TippingPoint TPS embraces software-defined network protection by deploying an intrusion prevention system (IPS) as a service. TippingPoint TPS also protects virtualized applications from within your virtualized infrastructure (VMware, KVM).

Best-in-Class Threat Intelligence:

Trend Micro™ Research provides cutting-edge threat analysis and security filters that cover an entire vulnerability to protect against all potential attack permutations, not just specific exploits. In addition, you have exclusive access to vulnerability information from our Trend Micro™ Zero Day Initiative™ (ZDI)—for advanced zero-day threat protection. The ZDI is the largest vendor-agnostic bug bounty program. With more than 1,604 vulnerabilities published in 2020, TippingPoint customers are protected an average of 102 days ahead of a vulnerability being patched by the affected vendors.

Virtual Patching:

Leverage a powerful and scalable frontline defense mechanism that protects your network from known threats. Vulnerability-based filters provides your team with an effective barrier from all attempts to exploit a particular vulnerability at the network level—rather than the end-user level. This helps you gain control of your patch management strategy with pre-emptive coverage between the discovery of a vulnerability and the availability of a patch, as well as added protection for legacy, out-of-support software.

Support for a Broad Set of Traffic Types:

The TippingPoint TPS platform supports a wide variety of traffic types and protocols. It provides uncompromising IPv6/v4 simultaneous payload inspection and support for related tunneling variants (4in6, 6in4, and 6in6). It also supports inspection of IPv6/v4 traffic with VLAN and MPLS tags, mobile IPv4 traffic, GRE and GTP (GPRS tunneling), and jumbo frames. This breadth of coverage gives your IT and security administrators the flexibility to deploy protection wherever it is needed.

Centralized Management:

The Trend Micro™ TippingPoint™ Security Management System (SMS) delivers a unified policy and element management graphical user interface. This provides you with a single mechanism for monitoring operational information, editing network security policies, configuring elements, and deploying network security policy across your entire infrastructure, whether physical or virtual.

Specifications

Performance Specifications

9200TXE	Single Appliance	Two-Unit Stack	Three-Unit Stack	Four-Unit Stack	Five-Unit Stack
Inspection Throughput	100Gbps	200Gbps	295Gbps	390Gbps	485Gbps
New SSL Connections per Second	1M	2M	3M	4M	5M
Max Concurrent Connections	300M	600M	900M	1,200M	1,500M
Latency	<60 microseconds
TLS Inspection Throughput	25Gbps	N/A	N/A	N/A	N/A
New TLS Connections Per Second	10,000	N/A	N/A	N/A	N/A
Max TLS Concurrent Connections	250,000	N/A	N/A	N/A	N/A
Max imported TLS/SSL Certificates	1,000	N/A	N/A	N/A	N/A

Physical Specifications

9200TXE	Specifications
Dimensions (W x D x H)	18.54” W x 34.10” D x 1.73” H (1RU)
Weight	42lbs (w/ Blank IOMs)
Voltage	100VAC ~ 240VAC, -40VDC ~ -60VDC
Max Fused Power	1500W @110VAC, 2000W @220VAC
Max Power Consumption	1300W w/ 2x 100GbE IOMs
Power Supplies	Mix of modules listed below
Fans	7x hot swappable
Mounting	19-inch-wide rack
Operating Temperature	32°F to 104°F (0°C to 40°C)
Operating Relative Humidity	5% to 95% non-condensing
Non-Operating/Storage Temperature	-4°F to 158°F (-20°C to 70°C)
Non-Operating/Storage Relative Humidity	5% to 95% non-condensing
EMC	Class A, FCC, VCCI, CE Marking EN55032:2014/A11:2020, CISPR: 2015; EN55035:2017/A11:2020, CISPR 35: 2015; EN61000-3-2:2014; EN61000-3-3:2013/A1:2019
Altitude	Up to 6,500 feet above MSL (2000m)
Safety	IEC 60950-1:2005, AMD1:2009, AMD2:2013; IEC62368-1:2014
Mean Time Between Failure (MTBF)	64,589 Hours @ 25C

Network I/O Modules

Standard	Ports	Port Speed	Part Number
6-Segment 25GbE SFP28	SFP28/SFP+/SFP	25/10/1Gbps	TPNN0370
4-Segment 100GbE QSFP28	QSFP28/QSFP+	100/40Gbps	TPNN0371
Bypass	Ports	Port Speed	Part Number
4-Segment 25GbE Fiber SR	Multi-mode Fiber (LC Type)	25Gbps	TPNN0374
4-Segment 25GbE Fiber LR	Single-mode Fiber (LC Type)	25Gbps	TPNN0375
2-Segment 25GbE Fiber SR4	Multi-mode Fiber (MPO Type)	100bps	TPNN0372
2-Segment 25GbE Fiber LR4	Single-mode Fiber (MPO Type)	100bps	TPNN0373

Documentation

Trend Micro TippingPoint Threat Protection System Datasheet (.PDF)