TippingPoint X-Series Environment
Series and IPS devices across your TippingPoint environment for administration, configuration, and monitoring. Most importantly, the SMS includes enterprise-wide reporting and trend analysis.
From the SMS, you must set an overall profile of settings for each X-Series. The profile controls how the device responds to traffic that matches filters. The X-Series is always in Active mode, and reacts to traffic as specified by the appropriate filter.
The LSM and X-Series maintain a connection to the Threat Management Center (TMC) which is located at TippingPoint headquarters. The TMC monitors 10,000 sensors around the world for the latest attack information. As a result, your network can be continually inoculated.
Each component of the TippingPoint X-Series X-Series environment is discussed in more detail in the following sections. Additional information about the TippingPoint X-Series is available in the TippingPoint X-Series Concepts Guide.
Optimized VPN Connectivity
The X-Series VPN supports IPSec, L2TP, and PPTP tunneling protocols, as well as DES, 3DES, AES- 128/192/256, MD5, and SHA-1 encryption standards, and manual keyring, IKE with pre-shared keys, and IKE with X.509 certificates. The device provides intrusion prevention inspection within VPN tunnels, and can also prioritize traffic bi-directionally, both inside and outside of the VPN tunnels. The VPN is hardware-accelerated, with an ASIC designed specifically for encrypting and decrypting packets. To increase network security, you can configure VPN traffic to terminate in a security zone that is separate from your internal LAN security zones. The X-Series also supports NAT deployment within VPN tunnels.
Policy Enforcement
Policy enforcement includes the X-Series firewall, content filtering, and the TippingPoint IPS. The TippingPoint X-Series has a stateful inspection firewall with a top-down rule evaluation engine. The firewall can be used to rate-limit both security zones and applications, preventing excess bandwidth consumption. TippingPoint offers a Content Filtering subscription service, which allows or denies web sites by category. You can also manually allow or block URLs as exceptions to the defined rules. Content Filtering is applied through firewall rules.
Security Zones and Network Interfaces
Security Zones enable you to define multiple Layer 2 VLANs. A security zone can be associated with a single physical port, or can exist virtually by logical definition. Policy enforcement is applied to traffic that moves between security zones. Network interfaces enable you to define Layer 3, and can represent two or more security zones. Security zones can be defined through 802.1q VLAN tags.
TippingPoint IPS
TippingPoint X-Series devices use the TippingPoint IPS to protect your network by scanning, detecting, and responding to network traffic according to the filters, action sets, and global settings maintained on each device by a client. Each device provides intrusion prevention for your network according to the amount of network connections and hardware capabilities.
