|
|
 |
|
Company Overview
TippingPoint, a division of 3Com, is the leading provider of network-based
intrusion prevention systems that deliver in-depth Application Protection,
Infrastructure Protection, and Performance Protection for corporate enterprises
, government agencies , service providers and academic institutions. Our
innovative approach offers customers unmatched network-based security with
unrivaled economics, ultra-high performance, scalability and reliability.
Product Overview
UnityOne Intrusion Prevention Systems
The UnityOne Intrusion Prevention System (IPS) delivers the most powerful network protection in the world. The UnityOne is an in-line device that is inserted seamlessly and transparently into the network. As packets pass through the IPS, they are fully inspected to determine whether they are legitimate or malicious. This instantaneous form of protection is the most effective means of preventing attacks from ever reaching their targets.
TippingPoint's UnityOne provides Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, UnityOne protects routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. UnityOne Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.
The system is built upon TippingPoint's Threat Suppression Engine - a highly specialized hardware-based intrusion prevention platform consisting of state-of-the-art network processor technology and TippingPoint's own set of custom ASICs. The UnityOne ASIC-based Threat Suppression Engine is the underlying technology that has revolutionized network protection. Through a combination of pipelined and massively parallel processing hardware, the TSE is able to perform thousands of checks on each packet flow simultaneously. The TSE architecture utilizes custom ASICs, a 20 Gbps backplane and high-performance network processors to perform total packet flow inspection at Layers 2-7. Parallel processing ensures that packet flows continue to move through the IPS with a latency of less than 215 microseconds, independent of the number of filters that are applied.
The UnityOne TSE architecture also enables traffic classification and rate shaping. Sophisticated algorithms baseline "normal" traffic allowing for automatic thresholds and throttling so that mission critical applications are given a higher priority on the network.
The UnityOne IPS family offers a range of products that differ in capacity and the number of simultaneous segments they protect.
UnityOne-50 (50 Mbps)
UnityOne-100E (100 Mbps)
UnityOne-200 (200 Mbps)
UnityOne-400 (400 Mbps)
UnityOne-1200 (1.2 Gbps)
UnityOne-2000 (2.0 Gbps)
UnityOne-2400 (2.0 Gbps)
UnityOne-5000 (5.0 Gbps) (Coming Soon!)
UnityOne-SMS (Enterprise-Level Management System)
An integral part of the UnityOne solution is the Digital Vaccine Service that delivers new filters on a weekly or even daily basis to maintain evergreen protection for the latest vulnerabilities, exploits, viruses and rogue applications.
UnityOne Security Management System
The UnityOne Security Management System is an enterprise-class management platform that provides administration, configuration, monitoring and reporting for up to 1,000 UnityOne Intrusion Prevention Systems. It is a zero-install rack mountable appliance that features a state-of-the-art client interface.
The SMS features customizable access control levels for operator (read-only), admin and supervisor privileges. It enables "big picture" analysis with trending reports, correlation and real-time graphs - including reports on Traffic Statistics, Filtered Attacks, Network Hosts and Services and UnityOne Inventory and Health.
The SMS dashboard provides at-a-glance monitors, with launch capabilities into the targeted management applications that provide global command and control of UnityOne.
UnityOne Digital Vaccine
In providing the vulnerability analysis for SANS every week, the TippingPoint security team simultaneously develops new attack filters to address the vulnerabilities and incorporates these filters into Digital Vaccines. Vaccines are created not only to address specific exploits, but also potential attack permutations, protecting customers from Zero-Day threats. For maximum security coverage, TippingPoint deploys a variety of security filters, including traffic anomaly filters and vulnerability-based filters. In the case of a virus, where there is no underlying vulnerability, TippingPoint delivers attack signatures. Digital Vaccines are delivered to customers every week, or immediately when critical vulnerabilities and threats emerge, and can be deployed automatically with no user interaction required.
New filters are continuously fed to the IPS to keep it up-to-date against the latest vulnerabilities. Each filter can be thought of as a "Virtual Software Patch" that is created within the network to protect downstream hosts from attack. Any malicious traffic intended to exploit a particular vulnerability is immediately detected and blocked. The solution is highly scalable in that the intrusion prevention system can protect thousands of unpatched systems with a single virtual patch.
TippingPoint's expertise is recognized worldwide: 250,000 administrators, executives, and security professionals subscribe to the SANS @RISK report, which is authored by TippingPoint security analysts. The same analysis feeds our Digital Vaccine filter developers to prioritize how best to protect our customers. New Digital Vaccines are typically released on a weekly basis, but are turned in a matter of hours in emergency situations. The speed with which we deliver new filters makes this a powerful weapon in the patch race.
|
|
|
