Its primarily functions as a network Intrusion Prevention System (IPS). However, it's noteworthy that the sales and proposition of this network IPS are generally confined to data centres, not typical office environments. In office settings, we tend to opt for DDIL (Deep Discovery Inspection Layer) due to its deep discovery capabilities.
In the context of data centres, especially robust ones, an IPS becomes a crucial element. Traditional intrusion protection mechanisms present in firewalls are inadequate for handling the substantial traffic influx in data centres. Therefore, the implementation of a network IPS, like Tipping Point, becomes essential to address these challenges.
A standout feature of TippingPoint is its strong integration with various solutions. It stands out as one of the leading network Intrusion Prevention Systems (IPS) in the current market and is known for its seamless integration with other solutions. For instance, when it identifies a potential threat within the traffic stream, it meticulously analyzes the data. Even in multilayer security scenarios, Tipping Point's network IPS can serve as a bypass for the basic firewall. If a threat is identified by Tipping Point, it promptly shares this information with the other systems. This ensures that they're updated and can employ the necessary solutions from their signature databases. The entire network gets safeguarded automatically. This integration extends to components like security and FX. This linkage streamlines our operations, offering a consolidated point of control for managing threats effectively.
Price is a significant factor that requires attention to enhance the popularity of Tipping Point among mid-sized data centres. Currently, Tipping Point is primarily adopted by sizable data centres, and smaller defenders might find it financially challenging to acquire. Recognizing this, efforts are underway to potentially introduce diverse models with varying capacities. This adjustment aims to ensure that a broader range of data sizes can benefit from the solution.
Also, the continuous evolution of Tipping Point is evident in its features, particularly the personalized dashboard and related aspects.
I have been using Trend Micro TippingPoint Threat Protection System for the last six years.
Stability of this solution is very good and I will rate it nine out of ten.
I would rate the scalability eight point out of ten.
The technical support team is okay.
Installing a TippingPoint into an already operational data centre demands careful consideration. This is particularly true if you're implementing the IPS in two modes, which might not yield substantial effectiveness in shielding the network from online threats within a two-month period. Therefore, it's essential to implement it in a full three-mode configuration.
When dealing with a fully configured, operational, and live data centre, the decision to introduce TippingPoint becomes a critical one. Generally, in such scenarios, it's advisable to integrate TippingPoint during the initial stages of network security planning.
It functions as an on-premises solution, specifically as a Network Intrusion Prevention System (IPS). Its intended placement is between the perimeter firewall and the core switch, immediately following the perimeter firewall.
When implementing TippingPoint, the focus is on proper deployment. However, the situation changes when dealing with an already operational data centre. In such cases, deploying Tipping Point necessitates a well-planned process spanning two to three days. It's important to note that introducing Tipping Point into the network during production requires a certain amount of downtime. This is due to the introduction of these Layer 3 devices between the firewall and core switch, which calls for a temporary network interruption.
It is an expensive solution and I would rate it three out of ten.
It is an impressive product. One of their standout offerings is Deep Security, sometimes referred to as HIPAA (Host Intrusion Prevention and Detection System). This product stands out in its own category, surpassing most EDS solutions. Particularly for safeguarding server environments, Deep Security shines with its innovative features like virtual patching. Every product comes with its strengths and weaknesses. Their products excel notably in IPS and signature-based detection. They have effectively leveraged this technology across various products. Nevertheless, like any offering, there are areas to address. For instance, their proficiency in zero-day threat handling might not be as advanced as desired. They've introduced the DDAN Discovery Analyzer device, a sandbox solution, but the antivirus layer in XDR or DDR might not excel in zero-day threat management.
They offer a diverse range of products that cover numerous security aspects, even though they might not encompass the entire spectrum, they do address a substantial portion of security needs.
I would rate the solution an eight out of ten.