"As a TippingPoint customer, we have always been impressed by the quality and performance of their security products. We jumped at the opportunity to test the N-Platform and we haven't been disappointed," said Kris Jmaeff, information security systems specialist at Interior Health, a health authority established by the Government of British Columbia. "The TippingPoint N-Platform is extremely fast and very powerful. The number of filters providing inspection can be increased exponentially, yet the performance is as strong " if not stronger " than ever."
Organizations are actively seeking ways to cut costs through data center consolidation and convergence of technologies. At the same time, compliance with industry regulations continues to be a primary driver of technology spending. "These data center trends are also being impacted by outside influences such as erosion of the traditional network perimeter and a surge of new vulnerabilities targeting Web applications," said Rob Ayoub, senior security research analyst at Frost & Sullivan. "As companies struggle to reconcile their security spending with these new data center demands, TippingPoint's IPS Platform provides an ideal solution that meets the needs for total cost of ownership and uncompromised security."
Extensible Security Framework Provides a Foundation for Growth
The TippingPoint N-Platform includes a modular software architecture that supports faster development and deployment of new IPS filter packages from DVLabs, as well as from customers. It also provides the foundation for development of security services that can be powered by deep packet inspection (DPI). Examples of the security services that the new IPS Platform will support include: customer-defined Internet Protocol (IP) reputation services; the TippingPoint Reputation Digital Vaccine' (DV) Service; the TippingPoint Web Application DV Service; data leakage protection (DLP) filter sets; network location-based policies (perimeter, core, etc.) and customer developed filter sets.
"The evolution of the data center is driving demand for uncompromised security and organizations are working to reduce IT administrative costs wherever possible," said Alan Kessler, president of TippingPoint. "The introduction of our TippingPoint security platform, the integration with the H3C LAN infrastructure portfolio, and our partner ecosystem provide organizations the capability to deploy best-of-breed security solutions and help alleviate the growing OPEX cost burden."
The modular design also enables further integration with third party partner security solutions including, but not limited to: vulnerability assessment and vulnerability management (VA/VM); forensics solutions; security information management (SIM) systems; and network-based anomaly detection (NBAD) products.
"Platform refreshes in the security appliance world are generally focused on making bigger, faster appliances," said Jeff Wilson, principal analyst with Infonetics Research. "TippingPoint focused on building a product that was more modular and more efficient; this will translate into performance gains, but also improves the cost and utility of the products as well."
Threat Suppression Engine Provides Security Footprint for Years of Future Threat Protection
The redesigned Threat Suppression Engine (TSE) embedded in the TippingPoint N-Platform is designed to keep pace with the evolving security demands of today's enterprise networks and data centers. This enables a significant increase in simultaneous deep packet inspection capacity for supporting future security services. Additionally, the TSE provides greater threat protection to handle threat evolution; and capacity to simultaneously run multiple IPS filters packs and security services.
The TSE architecture also enables traffic classification and rate shaping. Sophisticated algorithms provide a baseline of "normal" traffic, allowing for automatic thresholds and throttling of malicious or unwanted application traffic. The TSE provides the capacity to turn on all of the security filters required to block malicious traffic from entering the network.
Key features of the N-Platform " including the new code base and parallel processing capabilities, as well as DV filter sets and support of security services " will provide the critical security elements for the 3Com Secure Network Fabric. The Secure Network Fabric is a vital component of 3Com's commitment to deliver a "no compromise" network. As part of this solution, the TippingPoint N-Platform technology will be integrated with the LAN infrastructure equipment from H3C, providing data center customers with comprehensive security at any point on the network under a unified policy management framework.
The TippingPoint N-Platform is expected to be generally available in December 2009. Pricing for the N-Platform varies based on device throughput requirements and geographic location. For more information on the TippingPoint N-Platform product line, please visit www.tippingpoint.com/n-platform.
About TippingPoint and 3Com
TippingPoint is the enterprise security brand of 3Com Corporation (NASDAQ: COMS), a $1.3 billion global enterprise networking solutions provider that sets a new price/performance standard for customers. 3Com has three global brands—H3C, 3Com, and TippingPoint—that offer high-performance networking and security solutions to enterprises large and small. TippingPoint leads the advancement of network security with a modern network security platform and intrusion prevention system (IPS), purpose-built to protect today's next-generation data center network from evolving, global security threats. TippingPoint helps organizations reduce security operating costs while ensuring maximum business continuity. For more information on TippingPoint, please visit www.tippingpoint.com, or the press center at www.tippingpoint.com/press.
Copyright 2009 3Com Corporation. 3Com, 3Com logo, H3C, H3C logo, Digital Vaccine and TippingPoint, are registered trademarks of 3Com Corporation or its wholly owned subsidiaries in various countries throughout the world. All other company and product names may be trademarks of their respective holders.