Trend Micro Tipping Point: IDPS Product Overview and Analysis

Published

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

See our complete list of top Intrusion Detection and Prevention Systems.

Company Description

Founded in 1988, Trend Micro offers hybrid cloud security, network defense, and endpoint security. All products work together to share threat intelligence and provide a connected threat defense with centralized visibility and control. The company is publicly traded on the Tokyo stock exchange. TippingPoint was acquired in March 2016 from HPE.

Product Description

TippingPoint is a standalone next-generation IPS. It is designed to identify and block malicious traffic, prevent lateral movement of malware, ensure network availability and resiliency, and enhance network performance. It can be deployed into the network with no IP address or MAC address to immediately filter out malicious and unwanted traffic.

Digital Vaccine security filters cover the entire vulnerability footprint, not just specific exploits, and can detect and block known and unknown malware families, exploit kits, obfuscated content, and domain generation algorithms (DGAs). Its automated, in-line inspection approach does not impede network performance. It integrates with other Trend Micro tools and many third-party SIEM, NGFW and VA/VM products.

“While the Next Generation Firewall (NGFW) market may be bigger than the standalone IPS market, there is still a need for standalone IPS solutions,” said Elisa Lippincott, Product Manager TippingPoint for Trend Micro “We see customers who initially deployed NGFWs in lieu of IPS, only to realize that too many compromises had to be made.”

Gartner says TippingPoint is easy to deploy and manage, even at very high throughput, but the need for a separate cloud solution is a drawback.

Markets and Use Cases

Large and very large enterprises; all verticals including banking, telecom, healthcare, transportation, energy/oil/gas, and retail. Key use cases include data centers, high-performance enterprise networks, internal network segmentation/distributed networks, and the hybrid cloud.

Metrics

The TippingPoint TX Series delivers 40 Gbps inspection throughput in a 1U form factor and can be stacked to deliver up to 120 Gbps in a 3U form factor. Network traffic inspection throughputs for TippingPoint Solutions range from 250 Mbps to 120 Gbps.

Intelligence

TippingPoint solutions provide real-time threat prevention for vulnerabilities through Digital Vaccine (DV) threat intelligence. DV filters are developed to cover a vulnerability to protect against all potential attack permutations, not just specific exploits. DV filters provide vulnerability protection for network devices, virtualization software, operating systems, enterprise and Web applications, and industrial control system networks. In addition, the TippingPoint ThreatDV service provides malware filters as well as a reputation feed that identifies known bad IP addresses, DNS names and URLs.

Filters leverage machine learning and statistical data modeling. TippingPoint can also detect domain name system (DNS) requests from malware-infected hosts attempting to contact their command and control (CnC) hosts using Domain Generation Algorithms (DGAs). Trend Micro’s TippingPoint SMS Threat Insights is an aggregation portal that takes events from TippingPoint solutions, third-party vulnerability management solutions and sandboxing solutions and displays them in one place to prioritize, automate and consolidate network threat information. Finally, the Zero Day Initiative provides Trend Micro insight into undisclosed vulnerabilities. When a vulnerability is discovered through the Zero Day Initiative, Trend Micro is the only organization (other than the affected vendor) that has access to the vulnerability data.

Delivery

TippingPoint solutions are available in both purpose-built hardware and virtual offerings.

Agents

None

Pricing

Pricing for the TippingPoint T Series starts at $6,000 (includes first year of hardware support but does not including software licenses and other accessories). The TippingPoint TX Series starts at $72,600.

Drew Robb Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

This field is required This field is required

Get the free Cybersecurity newsletter

Strengthen your organization’s IT security defenses with the latest news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

This field is required This field is required