We use Trend Micro TippingPoint Threat Protection System for intrusion detection.
Senior Systems Analyst at a government with 501-1,000 employees
Notifies users when there's a problem then blocks that problem, but doesn't have enough bandwidth to handle a certain amount of traffic, and it can be a bit clunky
Pros and Cons
- "What I like about Trend Micro TippingPoint Threat Protection System is that it works okay. I don't have time to mess with the tool most of the time because I have way too many tasks to do, but Trend Micro TippingPoint Threat Protection System tells you when there's a problem, then it blocks the problem, so that's what I like most about it."
- "I find Trend Micro TippingPoint Threat Protection System a bit clunky, and updating it can be a pain in the neck because you need to do it from time to time, so this is what needs to be improved in it. I would also rather have an all-in-one system that does intrusion detection, protection, web filtering, and also serves as a firewall, and my company is moving to an all-in-one solution, but I'm unsure of how soon that's going to be. Trend Micro TippingPoint Threat Protection System also doesn't have enough bandwidth to handle the required traffic within my company, so it's going to be replaced."
What is our primary use case?
What is most valuable?
What I like about Trend Micro TippingPoint Threat Protection System is that it works okay. I don't have time to mess with the tool most of the time because I have way too many tasks to do, but Trend Micro TippingPoint Threat Protection System tells you when there's a problem, then it blocks the problem, so that's what I like most about it.
What needs improvement?
I find Trend Micro TippingPoint Threat Protection System a bit clunky, and updating it can be a pain in the neck because you need to do it from time to time, so this is what needs to be improved in it.
I would also rather have an all-in-one system that does intrusion detection, protection, web filtering, and also serves as a firewall, and my company is moving to an all-in-one solution, but I'm unsure of how soon that's going to be.
Trend Micro TippingPoint Threat Protection System also doesn't have enough bandwidth to handle the required traffic within my company, so it's going to be replaced.
For how long have I used the solution?
I've been using Trend Micro TippingPoint Threat Protection System for two years.
Buyer's Guide
Trend Micro TippingPoint Threat Protection System
October 2024
Learn what your peers think about Trend Micro TippingPoint Threat Protection System. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What do I think about the scalability of the solution?
Trend Micro TippingPoint Threat Protection System isn't a scalable tool.
How are customer service and support?
I've never contacted the technical support team of Trend Micro TippingPoint Threat Protection System. My boss did, but I have no idea if the support he received was good or not. I've never dealt with support directly.
How was the initial setup?
I wasn't the person who set up Trend Micro TippingPoint Threat Protection System. It was here when I took over my position in the company, so I have no idea on whether it was easy or complex to set up.
What's my experience with pricing, setup cost, and licensing?
I can't remember the cost of Trend Micro TippingPoint Threat Protection System or if I was the person who paid for it because another person within my company could have handled that, so I'm unable to give a rating for its pricing.
What other advice do I have?
My company currently uses Trend Micro TippingPoint Threat Protection System.
Everyone's using Trend Micro TippingPoint Threat Protection System within the company, in particular, hundreds of users because it's in-between the firewall and internet connection.
My advice to anyone who wants to start implementing the solution is not to buy the old model.
My rating for Trend Micro TippingPoint Threat Protection System is six out of ten.
My company is a Trend Micro customer.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
C.I.S.O. at ENERSA
Pioneer in the IPS industry with simple and intuitive setup
Pros and Cons
- "Trend Micro TippingPoint Threat Protection System is very stable. In addition, the provider gives notice of any changes well in advance, which is important for planning updates."
- "Trend Micro TippingPoint Threat Protection System needs strong Spanish-language support."
What is our primary use case?
Our primary use case for Trend Micro TippingPoint Threat Protection System is an IPS solution for the prevention of intrusions.
What is most valuable?
Trend Micro TippingPoint Threat Protection System is an amazing product for me because it has three modes of use. The mode we were recommended meets all of our needs.
The solution is a pioneer in the IPS industry. Also, having a legal and transparent bounty program gives Trend Micro TippingPoint Threat Protection System a very strong competitive advantage.
What needs improvement?
Trend Micro TippingPoint Threat Protection System needs strong Spanish-language support.
In addition, the user interface was built with Java and does not allow you to see all your options on the monitor. A new interface, perhaps one built on HTML 5, would be great.
For how long have I used the solution?
I have been using Trend Micro TippingPoint Threat Protection System for approximately 12 years.
What do I think about the stability of the solution?
Trend Micro TippingPoint Threat Protection System is very stable. In addition, the provider gives notice of any changes well in advance, which is important for planning updates.
What do I think about the scalability of the solution?
Trend Micro TippingPoint Threat Protection System is scalable.
How are customer service and support?
My experience with Trend Micro TippingPoint Threat Protection System's customer service has been good. Their ticket system allows us to open support cases and receive assistance quickly. In our case, we work closely with the solution's representative in Argentina, Trend Argentina. We get advice on technical advisors, zero days, vulnerabilities, early alerts, and warnings.
How was the initial setup?
The initial setup was simple and intuitive.
What other advice do I have?
I would give Trend Micro TippingPoint Threat Protection System a nine out of 10 for overall performance.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Trend Micro TippingPoint Threat Protection System
October 2024
Learn what your peers think about Trend Micro TippingPoint Threat Protection System. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Its default filters include, among 2300 others, protection against buffer overflows and malicious downloads, but be sure to make baseline audits and incident-handling protocols upon deployment.
Valuable Features:
It ships with a default profile that enables approximately 2300 filters for items that should never legitimately exist on a network, including certain attacks such as buffer overflows as well as malicious downloads. In addition to these default filters, more than 5400 additional filters, broadly considered policy choices, are available for use based on the requirements of the protected environment and it now offers a Reputation Digital Vaccine Service (Rep DV).
HP released a Vaccine toolkit that uses a wizard to let TippingPoint customers generate their own filters, in effect deploying "virtual patches" to protect themselves from vulnerability exploitation. Filters created by using the Digital Vaccine Toolkit can be applied directly to a single IPS or the SMS console can be used to quickly update all systems. Impressive.
Improvements to My Organization:
It has enhanced the monitoring.
Room for Improvement:
Your IPS is only as good as the threat intelligence behind it. TippingPoint should be able to combine ArcSight into IP blocking services, not wait for Fortify to pull ArcSight.
Use of Solution:
1 YEAR
Deployment Issues:
The process of establishing the baselines, policies, and procedures for information security and incident handling at the outset yields great benefit later. Know this before implementation and it will save you time and stress.
Other Advice:
Baseline audits, inventories, and vulnerability assessments of systems may reveal opportunities for improvement. Configuring an appropriately sized IPS with a majority of the filters enabled using detection protocol only, or “Permit + Notify” action, allows for the deeper discovery of the types of network transactions being performed and the systems involved. This process can also identify surprise applications that may be present in the environment, such as user-installed downloads that are outside of organizational norms or unpatched applications installed on servers for some long-forgotten test. In other words, know the exposures.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Manager at Digital World
Good intrusion prevention that integrates well, and the support is good
Pros and Cons
- "It integrates easily."
- "It integrates well but it takes time."
What is our primary use case?
We use this solution to inspect the data packets before they can enter the firewall. Then, the packets can enter into our LAN infrastructure.
What is most valuable?
The intrusion prevention and detection are nice.
It integrates easily.
What needs improvement?
It integrates well but it takes time. The integration process should be faster.
For how long have I used the solution?
We have been providing this solution for two to three years, maximum.
We are using the latest version.
What do I think about the stability of the solution?
It's a stable solution.
What do I think about the scalability of the solution?
It's a scalable product, but we haven't explored this area. We just install for the customers.
We have only two customers currently, who are using this solution.
How are customer service and technical support?
Technical support is very good.
How was the initial setup?
The installation is easy.
It will take a half-day easily to deploy. Almost five hours.
You only need one Level-3 engineer to deploy and maintain this solution.
What's my experience with pricing, setup cost, and licensing?
It's an expensive product. The price could be reduced.
Customers need to pay for a license along with the appliance.
Licensing is on a yearly basis.
What other advice do I have?
From my understanding, this is a very useful solution for the government sector.
I would rate Trend Micro Tipping NGIPS a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Director at PeerSpot
IPS signatures and the IPS database are much better than what is commonly available
Pros and Cons
- "The IPS signatures and the IPS database that are given are much better than what is commonly available."
- "We need more integration. It would be good if Azure IPS and TippingPoint IPS and other products from Trend Micro like their DBI and IWSVA could talk between each other."
What is our primary use case?
When the client chooses a security setup we first need to explain to them why the dedicated IPS assist is correct for them and its advantages. We need to determine their traffic load. With all those calculations we show them we sometimes end up with over-commitment for the TOC. If we're talking about Trend Micro, you should know that they have a range of products, from IPS, anti-security solutions, and discovery solutions.
We lay out all those products and if they feel that any of them meet their requirements then they incorporate that into their solution. After that, it normally goes through the tender process. We participate in the tender and if we win, we send the product to the customer. We generally work with larger companies or different government bodies. For the different public sector units, there is a security requirement where we go to the client to analyze their existing infrastructure, try to find out where the loopholes are, and when we find something we advise and present the solution. We then incorporate whatever product the client requires.
Maybe it's a small setup or maybe it's a multi-department dedicated IPS setup. We deliver whatever IPS featured is required.
The general use cases are for large data centers and state data centers, where people from different state departments post their applications with their servers in the data center cloud. I'm from Calcutta, India. Our company takes care of different government departments in the Eastern part of India, in West Bengal, in Bihar, in Orissa, in Jharkhand, different states there. In all these cases, the state data center or maybe some big government bodies like PUC's, public utility commissions, like ONGC have their own data centers. All their applications are hosted on this data center, or maybe there is a DR. Maybe the DR is on the cloud. Or maybe like the ONGC, they are on-premise.
They need to process the graphs to identify whether there's an intrusion or not, and maybe some micro-sandboxing needs to be done. Right when the setup is changed, when these data centers get these devices and need to process a huge amount of data, huge incoming and outbound data, the firewall integrated into the IPS is not capable of handling that much load. Then you need to put in a dedicated IPS. That's where we introduce NGIPS from Trend Micro. That's the thing - it totally depends on the client's requirements, the site's needs, the data bandwidth, and how much processing is required. Trend Micro offers a complete solution.
Trend Micro offers the NGIPS solution, as well as the Deep Discovery Inspector or Deep Discovery Analyzer, the DDI, and DDA. If you put a DDI in line, we can create a different operating system via a sandbox to process. Whatever packet we get, whatever file is getting processed, we capture according to that and we find anything that needs to be blacklisted or whitelisted. If it's blacklisted, that informs us from the DDA that it is getting first to the IPS and the IPS can take care of it.
It's a complete security solution. We might need to introduce the INWB or IWSBA solutions from Trend Micro to analyze the base traffic as well as the main traffic. It's a combination - NGIPS is there to take care of any intrusion and APT is there to analyze the file and network traffic. I'm doing the network sandboxing. IWSBA takes care of that traffic. INSBA is there for taking care of the mail traffic. These four devices can communicate with each other and can instruct the IPS to do any ad-hoc blacklisting that is required.
What is most valuable?
In TippingPoint, the IPS signatures and the IPS database are much better than what is commonly available. TippingPoint is more intelligent. It can work out bypass models if the device goes bad suddenly for any reason. It actually goes into a bridge mode where it parses from the data and finds where the problem is with the software security. We configure it like this so that if that happens, we immediately switch on the IPS in the firewall because technically the scenario is like that in the gateway. We first put on the firewall and the connection goes from there before going to the internal network or LC. We put the IPS in between the perimeter firewall, in an internal port.
One of the major reasons for choosing TippingPoint is that it acquires the intelligence of the IPS signatures. It is the first IPS solution database we tried. We actually detect a lot of intrusions not detectable by other solutions. This is an important point.
Another feature is that it can work in a base mode if the device goes down. Then, even if we do not do a modification into the network to get it working, you just switch on the IPS in the firewall and the device will pass on all those packets to the underlying devices. This way the operation doesn't stop and in the meantime, you can fix the problem.
What needs improvement?
In terms of what can be improved, I would say, integration. Integration of Trend Micro solutions with Azure. We need more integration. It would be good if Azure IPS and TippingPoint IPS and other products from Trend Micro like their DBI and IWSVA could talk between each other.
That integration should be increased so that human integration could be decreased. If it could communicate with other products, it would be great.
If you see a pay-meter firewall at Checkpoint, or Palo Alto and you're using Trend Micro, and your perimeter firewall is from some other vendor, maybe you are using anti-DDoS solution or maybe you are using some other solution from some other provider. If the pinpoint can be integrated with other vendors, it would be great. I'm not talking about each and every brand available in the market, but at least, with some reputable vendors like Palo Alto or Checkpoint. It would be great if that integration actually gives us a consolidated report, which helps us to monitor from a single point by eliminating duplicates.
For how long have I used the solution?
We have around four or five installers on TippingPoint NGIPS. We have been a partner with Trend Micro for the last two years and we sold these solutions to different state bodies, state powers, and state governments for their data centers.
What do I think about the stability of the solution?
It is a stable solution. It is dedicated to IPS. It is one of the best solutions. It's a very stable and very good solution in this way.
It does not require maintenance. Of course, it requires some operative person to manage it like monitoring the logs, fine-tuning the day to day operations, etc. We need to have a security guy in the data center, in the NOC or in the SOC, Security Operation Center, who needs to look through the logs and do the necessary monitoring. But otherwise, we do not need regular interaction with the employee. Of course troubleshooting or fault-finding or anything like that we do.
What do I think about the scalability of the solution?
In terms of scalability, it is a scalable solution.
How are customer service and technical support?
Trend Micro's general support is good. If we require any technical support for any of their products they are always able to help us.
How was the initial setup?
All the deployments that we have done so far are on-site because they're data centers. The traffic goes to the cloud to get processed but they prefer their setup to be on-premise.
The setup is not very long but it does require a little bit of struggling to make it work and to get it properly integrated into the environment. It takes time, it's not like it is two clicks and it will start working. It's not like that.
What's my experience with pricing, setup cost, and licensing?
In terms of price, TippingPoint is not a cheap solution. It is not a very costly solution, but comparatively it is more.
When you purchase TippingPoint, you're purchasing their subscription which gives IPS database updates. They bundle everything together. That includes the warranty and extended warranty of the box, along with the support subscription to speak to tech support, or the IPS database, signature application, all those things are provided.
Almost all those things are bundled together. They bundle all the requests and licensing. We need to go back to them to ask for additional licenses or something like that, because in my department we cannot just go back to the client and tell them, okay, these are the things you need to purchase. It is impossible. So in the beginning of the process, when we sell the solution to our client, we always bundle all the necessary licensing so that it can be used whenever it is required.
On a scale of one to ten I would give TippingPoint NGIPS an eight.
What other advice do I have?
Trend Micro provides us technical updates and their free training if a new feature comes into their product.
In general, I would of course recommend this product to other people.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Head of Group at MTI LLC
Easy to control and manage but should be more lightweight and have better documentation
Pros and Cons
- "The most valuable feature is the central command center, where we can control and manage the solution."
- "I would like to see this solution more lightweight and easier to install."
What is our primary use case?
Our partner is a solution integrator and this is one of the products that he implements for our customers. We are currently working on two pilot projects that involve this solution.
Our experience is with on-premises deployments.
How has it helped my organization?
All traffic is unassembling which goes through TO. Our customer satisfied by TP.
What is most valuable?
The most valuable feature is the central command center (APEX ONE), where we can control and manage the solution.
What needs improvement?
Our customers don't understand the process whereby we generate and supply them with license keys. They would like to have the license keys available out of the box.
This documentation for this solution could be improved.
For how long have I used the solution?
Our customer has been using this solution for one year.
What do I think about the stability of the solution?
This is a stable solution. During our pilot project, we have not had any trouble.
How are customer service and technical support?
The tech team are professionals.
How was the initial setup?
This is a fast solution to deploy. But we've waited for PoC results.
What about the implementation team?
TP has been deployed by our partner integrator and vendor engineers. They have good tech experience.
What's my experience with pricing, setup cost, and licensing?
Bear in mind that if you've made the deal registration, follow it and work in that account that it only gives you a chance to grab this deal.
Which other solutions did I evaluate?
This solution is easier to install than Firepower.
What other advice do I have?
This is a good solution, but our market needs clearer deal registration process. It also needs faster PoC feedbacks.
I would rate this solution a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Network Sec. Technical Specialist at a healthcare company with 1,001-5,000 employees
The GUI needs to be improved.
Valuable Features
<ul> <li>Intrusion prevention</li> <li>Digital vaccines</li> <li>Profile deployment</li> <li>Reputation database</li> </ul>
Improvements to My Organization
It has helped strengthen our security posture, mostly in the perimeter.
Room for Improvement
GUI
Use of Solution
4 years
Deployment Issues
No, it is easy to deploy.
Stability Issues
Except for a few issues with the Manager, it has been stable.
Scalability Issues
A very scalable solution.
Customer Service and Technical Support
Customer Service: OK, but not great ... very US centric.Technical Support: Good
Initial Setup
Straightforward. It is very well documented.
Implementation Team
In-house
ROI
Very impressive
Other Solutions Considered
Yes, Checkpoint, sourcefire
Other Advice
Look into the more recent models of the device.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer at BestComp Group
Provides good monitoring and setup is easy, but solution is not as reliable as we would like
Pros and Cons
- "The monitoring is the most valuable feature."
- "The firewall rules are limited."
What is our primary use case?
We use it in the banking industry.
What is most valuable?
The monitoring is the most valuable feature.
What needs improvement?
The solution is not as reliable as we would like. There are problems when we work in HA, high-availability. We have encountered it several times and it's been a disaster for that sort of device.
Also, the firewall rules are limited.
For how long have I used the solution?
Three to five years.
How are customer service and technical support?
The technical support staff at Trend Micro is very knowledgeable and talented. We had several cases and they supported us and provided the best answer.
How was the initial setup?
The setup is very easy. The GUI of the device is very understandable and easy to use, and that's why it's very easy to set up. The initial setup is very comfortable, but as complicated as other firewalls.
The initial setup takes approximately half an hour, but full setup depends on the organization type. In some cases it has taken two to three months to deploy it.
What's my experience with pricing, setup cost, and licensing?
TippingPoint is not as expensive as Palo Alto but it's not as cheap as Fortigate.
Which other solutions did I evaluate?
Before Trend Micro TippingPoint we worked with Cisco ASA firewalls. We are now also using Palo Alto, Fortigate, and Juniper firewalls.
What other advice do I have?
If we can work with Trend Micro and sell TippingPoint, it's very good. It's not a bad device and, nowadays, it's very useful.
At first, it was an HPE product when we started working with TippingPoint and then it was bought by Trend Micro.
The number of users using this solution depends on the organization. In one organization we have approximately 2,000 users on this device. For deployment and maintenance two people are enough. In our organization, when we deployed it, only one person managed and configured it. Someone who is a network engineer can do the configuration.
From the time that Trend Micro bought this product we haven't sold it anymore because we work with HPE. But we are supporting organizations who are using Trend Micro.
Disclosure: My company has a business relationship with this vendor other than being a customer: Solution provider and reseller.
Buyer's Guide
Download our free Trend Micro TippingPoint Threat Protection System Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Intrusion Detection and Prevention Software (IDPS) Cloud and Data Center Security Threat Intelligence PlatformsPopular Comparisons
Cloudflare SASE & SSE Platform
Cisco Secure Network Analytics
Palo Alto Networks Advanced Threat Prevention
Splunk User Behavior Analytics
ExtraHop Reveal(x)
Trend Micro Deep Discovery
Forcepoint Next Generation Firewall
ThreatConnect Threat Intelligence Platform (TIP)
Fortinet FortiGate IPS
Buyer's Guide
Download our free Trend Micro TippingPoint Threat Protection System Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- When evaluating Intrusion Detection, what aspect do you think is the most important to look for?
- What is your recommended cost-effective solution to detect and prevent APT attacks?
- What product do you recommend for a Campus IPS appliance implementation?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which alternative solutions (other than Darktrace) do you recommend for an SMB?
- Which is the best intrusion detection and prevention solution?
- What is the best IDPS security tool and why?
- What is Cognitive Cybersecurity and what is it used for?