TippingPoint1 mk
-
Upload
anon-839151 -
Category
Documents
-
view
219 -
download
0
Transcript of TippingPoint1 mk
-
8/14/2019 TippingPoint1 mk
1/29
[email protected][email protected]
3Com System Engineer3Com System Engineer
-
8/14/2019 TippingPoint1 mk
2/29
TippingPointTippingPoint - Vvoj firmy- Vvoj firmy
TippingPoint History
-
8/14/2019 TippingPoint1 mk
3/29
Certifikace a ocennCertifikace a ocenn
NSS Gold Award TippingPoints Intrusion
Prevention System is theFIRST and ONLY productto win the coveted NSSGold Award in the IPSspace.
Best Security Solution 2005 TippingPoint IPS Overall
Winner in SC Global Awards Over 1,000 products nominated
Certified at faster throughput(3Gbps) and lower latency (84sec) than any other IPS in theworld
ICSA Labs Certified
2006 Winner Best IntegratedSecurity, Info Security
2006 Winner of Best Product Security Week Brazil
ICSA Labs Firewall and IPSecVPN Certification
X-Series:
http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss526_art1054,00.htmlhttp://www.infosecurityproductsguide.com/productexcellence.htmlhttp://www.cbronline.com/article_cbr.asp?guid=7D792053-714E-4633-AE98-CCB7C7ED7281https://newlabs.icsalabs.com/icsa/labnote.php?cid=1821$681800e6-536263ee$07fa-bca7c8f3http://www.infosecurityproductsguide.com/http://www.tmcnet.com/voip/1006/top-voices-of-ip-communications.htmhttp://www.varbusiness.com/sections/news/breakingnews.jhtml;jsessionid=GJXWPKE5ZWTYMQSNDLRCKH0CJUNN2JVN?articleId=193401415mhttp://www.icsalabs.com/icsa/docs/html/communities/firewalls/pdf/tippingpoint.pdfhttp://www.scmagazine.com/us/awards/voting/profiles/26149/a6182d79-2662-4dad-bee3-ca9cfde33a36/11ddb560-3495-46ae-931b-c882b39ef4d3/ -
8/14/2019 TippingPoint1 mk
4/29
Gartner Magic Quadrant for NetworkGartner Magic Quadrant for NetworkIntrusion Prevention Systems, 11/06Intrusion Prevention Systems, 11/06
This Magic Quadrant graphic was published byGartner, Inc. as part of a larger research note andshould be evaluated in the context of the entirereport. The Gartner report is available uponrequest from 3Com.
* Magic Quadrant DisclaimerThe Magic Quadrant is copyrighted Nov. 30, 2006,by Gartner, Inc. and is reused with permission.
The Magic Quadrant is a graphical representationof a marketplace at and for a specific time period.It depicts Gartner's analysis of how certainvendors measure against criteria for thatmarketplace, as defined by Gartner. Gartner doesnot endorse any vendor, product or servicedepicted in the Magic Quadrant, and does notadvise technology users to select only thosevendors placed in the "Leaders" quadrant. TheMagic Quadrant is intended solely as a researchtool, and is not meant to be a specific guide toaction. Gartner disclaims all warranties, express orimplied, with respect to this research, includingany warranties of merchantability or fitness for aparticular purpose.
The Magic Quadrant for Network Intrusion Prevention System Appliances, 11/06 was authored by John Pescatore and Greg Young November 30, 2006.
-
8/14/2019 TippingPoint1 mk
5/29
TippingPoint een
-
8/14/2019 TippingPoint1 mk
6/29
TippingPointTippingPoint::Intrusion Prevention System (IPS)Intrusion Prevention System (IPS)
Zraniteln serverya klientiFirewall
Interntonk
toky prol FW
toky jsoudetekovny a
blokovny za plnrychlosti. UnityOnefunguje jako sovpatch nebovirtuln softwarepatch
UnityOne
-
8/14/2019 TippingPoint1 mk
7/29
Produkty
-
8/14/2019 TippingPoint1 mk
8/29
IPSIPS z hlediska stz hlediska st
In-line na sti jako LAN switchTransparentn, neviditeln, bez MAC nebo IP adresy
Data Segments agregovan
prchodnostady produktOd 50Mbpsdo 5Gbps
Management PortSSH, HTTPS, SNMP
remote management logovn updaty filtr
opticksegment
metalicksegment
Tx
Rx
Tx
Rx
Tx/RxTx/Rx
-
8/14/2019 TippingPoint1 mk
9/29
Vysok vkon a nzk latenceVysok vkon a nzk latence
-
8/14/2019 TippingPoint1 mk
10/29
Vkon Hardware eenVkon Hardware een
Preference bezpenostiped vkonem
Preference vkonu
ped bezpenost
dn kompromis
-
8/14/2019 TippingPoint1 mk
11/29
-
8/14/2019 TippingPoint1 mk
12/29
TippingPoint X505
Aktuln produktov adaAktuln produktov ada TippingPointTippingPoint
-
8/14/2019 TippingPoint1 mk
13/29
Klov vlastnosti
-
8/14/2019 TippingPoint1 mk
14/29
UnityOneUnityOne roziuje IPS (roziuje IPS ( IntrusionIntrusionPreventionPrevention ))
Todays businesses demanduncompromising performance,
reliability, and protection
Ultra-HighPerformanceCustom Hardware
5 Gbps Throughput Switch-Like Latency
2M Sessions 250K Sessions/Second Total Flow Inspection 64K Rate Shaping Queues 10K Parallel Filters
Infrastructure Protection
Application Protection
Performance Protection
IntrusionPreventio
nSystems
-
8/14/2019 TippingPoint1 mk
15/29
Ochrana aplikacOchrana aplikac Chrn klienty a serveryChrn klienty a servery
Performs Total Inspection at Layers 2-7
Protects Vulnerabilities Protects Perimeter and Internal Network Provides Day-Zero Attack Protection Eliminates Emergency Patching Triage Prevents Application and O/S Damage/Downtime
Protect:
Microsoft Applications& Operating Systems Oracle Applications Linux O/S VoIP
From:
Worms/Walk-in Worms Viruses Trojans DDoS Attacks Internal Attacks Unauthorized Access
Infrastructure Protection
Application Protection
Performance Protection
IntrusionPrevention
Systems
-
8/14/2019 TippingPoint1 mk
16/29
OchranaOchrana InfrastruInfrastrukturyktury Chrn sov prvkyChrn sov prvky
Protects Network Equipment
Vulnerabilities Protects Against Anomalous TrafficBehavior Automatic Baselining Rate Limit, Block, or Alert on Thresholds
Supports Custom IP filters, ACLs
Protect:
Routers(e.g. Cisco IOS)
Switches Firewalls (e.g. Netscreen OS,
CheckPoint FW1)
VoIP
From:
Worms/ Walk-in Worms Viruses Trojans DDoS Attacks SYN Floods Traffic Anomalies
Infrastructure Protection
Application Protection
Performance Protection
IntrusionPrevention
Systems
-
8/14/2019 TippingPoint1 mk
17/29
Protect:
Bandwidth Server Capacity Mission-Critical Traffic
From: Peer-to-Peer Apps Unauthorized Instant
Messaging Unauthorized
Applications DDoS Attacks
Ochrana vkonuOchrana vkonu Ochrana sovho vkonuOchrana sovho vkonu
Increases Network Performance EvenWhen Not Under Attack
Rate Limits Non-Mission CriticalApplications Eliminates Bandwidth Hijacking Controls Rogue Applications Eliminates Misuse and Abuse Controls Peer-to-Peer Traffic
Infrastructure Protection
Application Protection
Performance Protection
IntrusionPrevention
Systems
-
8/14/2019 TippingPoint1 mk
18/29
Monosti redundanceMonosti redundance
Dual Hot-Swappable PowerSupplies
Self-Monitoring WatchdogTimers Security and Management Engines
L2 switch fallback
99.999% Network Reliability
Stateful Redundancy Active-Active
Active-Passive No IP Address or MAC Address Transparent to Router Protocols
HSRP, VRRP, OSPF
No loss of segments or ports in
this scenario
Stateful Network RedundancyIntrinsic High Availability
-
8/14/2019 TippingPoint1 mk
19/29
Sluby vztaen k TippingPoint een
-
8/14/2019 TippingPoint1 mk
20/29
TippingPoint Digital VaccineTippingPoint Digital Vaccine
Coverage Vendors Threat organizations Independent researchers (ZDI) Internal Threat Management
Center Timeliness
Weekly filter distribution Zero Day Initiative Same day Microsoft Tuesday
coverage Accuracy
Designed to block 5 years of filter writing experience No performance degradation
Extensibility Signatures, vulnerabilities, traffic
and protocol anomalies New Threats: P2P, Instant
Messaging, Spyware, Phishing,VOIP
The Digital Vaccine service is the most comprehensive, accurateand automatic protection service available.
-
8/14/2019 TippingPoint1 mk
21/29
AutomaticAutomatick dk digitigitlnln vakcinavakcina
SANS CERT Vendor Advisories Bugtraq VulnWatch PacketStorm Securiteam
Digital VaccineAutomaticallyDelivered toCustomers
Vulnerability Analysis
Raw Intelligence
Feeds
Vaccine Creation
Scalable distribution networkusing Akamais 9,700 servers
in 56 countries
@RISKWeekly Report
Filter Types Signature Vulnerability Traffic and/or Statistical Anomaly
-
8/14/2019 TippingPoint1 mk
22/29
TippingPoint zTippingPoint zkaznci ochrnni odkaznci ochrnni od99.8..8.20052005
as k vytvoen zplatyochrann intervalSe scvrkvz msc na dny
Ohroen zranitelnch stanic jeZaruen pokud je erv vyputn
en erv se m na minuty
toncivybaveni abyvybrali cl a ohroziliuivatele
Zranitelnostodhalena
Zotob Exploitpublikovn
Zotob Worm
tok 16.8.2005
Zraniteln
stanicenapadeny
TippingPointBezpenostn filtry
distribuovny9.8.2005
TippingPoint zkaznci ochrnni
-
8/14/2019 TippingPoint1 mk
23/29
Global Service and SupportGlobal Service and Support
Professional Services Installation & Advanced Implementation Services Comprehensive detailed installation, configuration, and tuning of basic & advanced
security features of TippingPoint IPS and Security Management System products Security Posture Assessments (SPA)
A comprehensive security evaluation of the network to identify vulnerabilities,weaknesses, and exposure to exploitation of the external and internal infrastructure
Training A family of basic, advanced, and expert level training courses delivered globally by
experienced subject matter experts
Custom Digital Vaccine (DV) Development Development of local or specialized security filters for a particular geography or environment
Managed Security Services (MSS) Outsource the operations of security monitoring and device management
Global Technical Support 24x7x365 & Next Day Shipping replacement hardware
-
8/14/2019 TippingPoint1 mk
24/29
Souhrn
-
8/14/2019 TippingPoint1 mk
25/29
Vlastnosti TP eenVlastnosti TP een
Frequent protection and prevention (weekly or better) against the latestthreatsConfidence and comfort of network protection
Timely Filter Updates
Lowers TCO with automatic attack blocking, filter updates and reportsAutomation
Advanced protection against a multitude of threats: Spyware, Phishing,VoIP, P2P, Protocol Anomalies, Behavioral/Traffic Anomalies, Worms,Trojans, DDoS attacks, DDoS SYN Proxy and Connection RateLimiters, Microsoft Vulnerabilities, etc.Avoids multiple security solutions and provides cost savings
Comprehensive Security Prevention
Ensures no good traffic gets blocked, no network disruptionFilter Accuracy
Immediate security, out of the box; High ROI, Low/No configurationSimple Set-up
Proactive accurate and comprehensive attack filteringprovides zero-day attack protectionProtects against all types of attacks
Complete Filtering Methods
(signature, protocol anomaly,vulnerability, traffic anomaly)
Reclaims bandwidth and improves network performanceRate Shaping
Extensible platform for unparalleled security and networkingLowers administration and maintenance
Purpose-Built Custom ASIC Hardware
Effective proactive attack termination. Protects unpatched systemsEnsures system availability and performance
In-line Attack Blocking
50Mb 5Gb Performance enables scalable solutions for perimeter andinternal protectionNo adverse network impact
Switch-Like Latency
Pnos pro uivateleVlastnost
-
8/14/2019 TippingPoint1 mk
26/29
Performance ASIC-based Architecture Fastest IPS on the market (5 Gbps) Runs inline with switch like latency (
-
8/14/2019 TippingPoint1 mk
27/29
Zkaznci
Kd j k k Ti i P i tKd j k k Ti i P i t
-
8/14/2019 TippingPoint1 mk
28/29
Kdo je zkaznk pro TippingPointKdo je zkaznk pro TippingPointproduktyprodukty
Zkaznk, kter hled: Ochranu ped pemnoenm hlavnch vir/erv
Nem dostatek asu/zdroj testovat a nasazovat zplaty na servery astanice
Hodl chrnit nejen perimetr st ped toky zvnjku, ale tak centrum avybran sov zdroje ped internmi toky
Zvauje optimalizaci st a zen zbavnch aplikac, jako P2P, Spyware,
Potebuje ochranu ped DoS a DDoS toky
-
8/14/2019 TippingPoint1 mk
29/29
Dky za pozornost