3Com TECHD-0000000122 manual TippingPoint X-Series Environment, Core Functionality

Page 20

Chapter 1: Overview

The Stateful IP filtering provides service-level, stateful inspection of network traffic. It incorporates filtering functionality to protect mission-critical applications. An administrator can use firewalls and content filters that determines how the system handles traffic to and from a particular service. These filters are specified by the source, destination, and service or protocol of the traffic.

The X-Series is responsible for the host and service database used by TippingPoint. The X-Series scans your network and maintains an inventory of the active hosts and services on those hosts. System administrators can use information collected by the X-Series to tune attack and IP filters.

Core Functionality

The X-Series provides the following core functionality:

Optimized VPN connectivity — The TippingPoint X-Series allows inspection and control of traffic both inside and outside of VPN tunnels.

Enforcement of usage policies — The TippingPoint X-Series can be used to rate-limit applications, such as peer-to-peer file sharing applications, and includes an optimal Web Content Filter subscription service.

Multicast applications — The TippingPoint X-Series prioritizes real-time traffic and provides secure connectivity for IP multicast traffic.

Detection and suppression — Unlike an intrusion detection system (IDS), the X-Series identifies and stops malicious traffic on the edge of the network.

Filter customization — Through IP filters, exceptions, and attack filter creation, you can customize TippingPoint to meet the specific needs of your enterprise.

Real-time threat aggregation — The TMC collects threat information from throughout the world, converts it to attack filters, and distributes it to TippingPoint™ customers.

Monitoring — Enterprise networks are in a constant state of change. Because enterprises regularly reconfigure and add new devices and services, TippingPoint monitors the network for these changes using network discovery.

The following sections describe each security application in more detail.

TippingPoint X-Series Environment

A single X-Series can be installed at the perimeter of your network, on your Intranet, or both.

All of the functionality of the X-Series runs directly on the device as the TippingPoint Operating System (TOS). The Local Security Manager (LSM) is a web-browser client for managing your X-Series that provides a graphical interface for on-the-box administration, configuration, and reporting. The LSM accesses the functionality of the X-Series TOS.

You can also access the functionality of the X-Series using the Command Line Interface (CLI). The CLI provides a command line interface for you to set values, run setup commands, and perform general functions. However, the LSM provides most of the advanced functionality, such as reporting and filter configuration.

The Security Management System (SMS) provides functionality beyond that provided by the LSM and CLI. The SMS enables you to manage not one but multiple X-Series devices. The SMS coordinates all X-

2

X-Series Hardware Installation and Safety Guide V 2.5

Page 19 Page 21
Image 20
Page 19 Page 21
Contents Series Installation Safety Guide VersionCopyright 2006 3Com Corporation. All rights reserved Table of Contents Prepare the Site TippingPoint X505 OverviewIndex Page List of Figures Front PanelPage List of Tables List of Tables Target Audience About This GuideOverview Organization About the GuideConventions HeadingsTypeface Cross ReferencesTip Related Documentation Tmc.tippingpoint.comTable About 1 TippingPoint Documents Security Management System Online HelpTable About 2 Customer Support Information Location Customer SupportContact Information Xvi Overview TippingPoint X-Series OverviewTippingPoint X-Series Environment Core FunctionalityOptimized VPN Connectivity Policy EnforcementSecurity Zones and Network Interfaces TippingPoint IPSThreat Suppression Engine Local Security ManagerSeries System Performance Model Ethernet Concurrent Firewall Triple DES Interfaces Sessions PerformanceSecurity Management System Threat Management CenterOverview Series Hardware Installation and Safety Guide V Prepare the Site Safety Requirements Class a NoticesGeneral Guidelines Prepare the Site Safety Requirements Rack and Clearance Requirements Ventilation and LocationEnvironmental Requirements Reliable EarthingUnpack the TippingPoint System To unpack the TippingPoint X-Series systemPage TippingPoint X505 Overview Chassis Features Chassis OverviewPort USB PortLEDs LED DescriptionsColor State Description Management Port LED DescriptionsTippingPoint X-Series X505 Specifications Description Technical SpecificationsHardware Specifications Software Specifications Hardware Installation and ConfigurationTechnical Specifications Min/Max Number of Chassis Install the TippingPoint ChassisRack Space Requirements Connect the power Complete Initial Setup ConfigurationConnect the X505 to the Internet Register the TippingPointTippingPoint X506 Overview Port Port Port Status LEDsTippingPoint X-Series X506 Specifications Description Segment Port LED DescriptionsTippingPoint X506 Hardware Specifications Detail Description Or = 42 RUs. Each TippingPoint X-Series X506 requires 1RU Connect the power Connect the X506 to the Internet Register the TippingPoint Port Connectors Figure a 1 RJ-45 ConnectorDB-9 Connector Pinout Table a 3 DB-9 Connector Pinouts Pin Number Signal NamePort Connectors Page Index Index Series Hardware Installation and Safety Guide V
Top Page Image Contents