UNIFIED NETWORK-DEFENSE APPLIANCES... A SOLUTIONS PRIMER

Similar documents
Tippin dint Technologies

UnityOne Network-Defense Systems

CyberP3i Course Module Series

Cisco IOS Inline Intrusion Prevention System (IPS)

IC32E - Pre-Instructional Survey

The Evolving Threat of Internet Worms

Activating Intrusion Prevention Service

Detecting Internal Malware Spread with the Cisco Cyber Threat Defense Solution 1.0

CIO Update: Security Platforms Will Transform the Network Security Arena

WHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points

IPS-1 Robust and accurate intrusion prevention

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Chapter 9. Firewalls

Symantec Client Security. Integrated protection for network and remote clients.

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

COMPUTER NETWORK SECURITY

align security instill confidence

Cisco Adaptive Wireless Intrusion Prevention System: Protecting Information in Motion

Intel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances

Securing Your Microsoft Azure Virtual Networks

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

Network Security Terms. Based on slides from gursimrandhillon.files.wordpress.com

Securing Your Amazon Web Services Virtual Networks

Behavior-Based IDS: StealthWatch Overview and Deployment Methodology

CND Exam Blueprint v2.0

NetDefend Firewall UTM Services

Security Considerations for Cloud Readiness

Firewalls for Secure Unified Communications

McAfee IntruShield Network IPS Sensor Pioneering and Industry-Leading, Next-Generation Network Intrusion Prevention Solution

HikCentral V.1.1.x for Windows Hardening Guide

Virtual Patching Solution: Increased Protection and Reduced Maintenance for Process Control Systems

ASA/PIX Security Appliance

IBM Next Generation Intrusion Prevention System

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Load Balancing with McAfee Network Security Platform

Elevate the Branch-Office Experience with an Application-Centric Platform

Snort: The World s Most Widely Deployed IPS Technology

Emerging Threat Intelligence using IDS/IPS. Chris Arman Kiloyan

McAfee Public Cloud Server Security Suite

Cisco IPS AIM Deployment, Benefits, and Capabilities

NETWORK THREATS DEMAN

Selling the Total Converged Solution Module #1: Nortel Enterprise Networking Overview of the 4 Pillars and Why Nortel Tom Price Nortel HQ Sales

COSC 301 Network Management

PND at a glance: The World s Premier Online Practical Network Defense course. Self-paced, online, flexible access

Agenda of today s lecture. Firewalls in General Hardware Firewalls Software Firewalls Building a Firewall

Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions

Verizon Software Defined Perimeter (SDP).

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

DoS Cyber Attack on a Government Agency in South America- February 2012 Anonymous Mobile LOIC in Action

CSE 565 Computer Security Fall 2018

An Investment Checklist

The Future of Threat Prevention

HikCentral V1.3 for Windows Hardening Guide

Data collected by Trend Micro is subject to the conditions stated in the Trend Micro Privacy Policy:

Presenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.

Internet Security: Firewall

Securing Access to Network Devices

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Securing Industrial Control Systems

Next-Generation Network Security

SRX als NGFW. Michel Tepper Consultant

trend micro smart Protection suites

Scrutinizer Flow Analytics

Networking Drivers & Trends

TOLLY. Radware, Inc. Radware, Inc. commissioned. DefensePro Test Summary. Throughput Benchmark and Attack Mitigation Evaluation.

Cisco SR 520-T1 Secure Router

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

Delivering the Wireless Software-Defined Branch

PROTECTING YOUR NETWORK FROM THE INSIDE-OUT

Wireless and Network Security Integration Solution Overview

3Com X5 and X506 Unified Security Platforms

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

Cisco Associate-Level Certifications

TECHNOLOGY BRIEF EXTENDING YOUR INVESTMENT IN SNORT

Simple and Powerful Security for PCI DSS

CIH

Internet Security Firewalls

Cisco ASA 5500 Series IPS Solution

Cisco ISR G2 Management Overview

Dynamic Datacenter Security Solidex, November 2009

CCNP Switch Questions/Answers Cisco Enterprise Campus Architecture

SteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Campus Network Design

PROTECTING INFORMATION ASSETS NETWORK SECURITY

Who We Are.. ideras Features. Benefits

Indicate whether the statement is true or false.

McAfee Advanced Threat Defense

Deployment Scenarios

Application Intelligence and Integrated Security Using Cisco Catalyst 6500 Supervisor Engine 32 PISA

Cisco ASA 5500-X NGFW

PRACTICAL NETWORK DEFENSE VERSION 1

Solution Architecture

SECURITY FOR SMALL BUSINESSES

Fundamentals of Network Security v1.1 Scope and Sequence

N-Dimension n-platform 340S Unified Threat Management System

SonicWALL TZ 170 Series Prepared by SonicWALL, Inc. 7/6/2004

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

CSC Network Security

Transcription:

UNIFIED NETWORK-DEFENSE APPLIANCES... A SOLUTIONS PRIMER

Security is more than just a buzzword. It is a state of being. Networks, the lifeblood of most corporations, demand security. Yet, the medieval fortress-and-moat defense offered by most network security tools provides little protection from sophisticated hacks and frequent cyber attacks. Protection takes on a whole new meaning in the 21 st century. The same technology and equipment that enable networks to operate at high speeds also provide superhighways for viral diseases to spread like wildfire and they proffer dormant threats yet to be invoked. TippingPoint Technologies UnityOne Threat Prevention Appliances are the first integrated appliances for enterprises seeking true, continuously updated protection for their networks at multigigabit speeds. UnityOne is composed of three interlocking building blocks Vulnerability Assessment, Intrusion Detection, Firewall/VPN built on top of a high-speed security processor bound by a single management system. UnityOne offers real, trusted protection for both WAN and LAN applications. UnityOne does not just detect threats. It blocks and suppresses threats. Security Management System UnityOne OS Untrusted Vulnerability Assessment Intrusion Detection Firewall/ VPN Trusted Threat Suppression Engine UnityOne Interlocked Capabilities Blocks over 2000 attack types.

The Unity of One UnityOne Threat Prevention Appliances UnityOne Threat Prevention Appliances combine the best of high-speed security processors, a collaborative security application suite, and integrated management. Whether protecting the perimeter or critical Intranet interconnection points, TippingPoint s UnityOne offers strong resistance that self-adjusts to the color and shade of the enterprise environment and potential threats. Current security tools are disparate devices, such as vulnerability assessment scanners, intrusion detection systems and firewalls, each with its own management system. This mixed nuts solution may be protein to some, but to manage a network with this fragmented approach to security is dare we say NUTS! In contrast, TippingPoint offers a complete set of high-speed security solutions that are comprehensively managed and updated by one active, interlocking system. Anchored by the high-speed Threat Suppression Engine, TippingPoint s UnityOne Threat Prevention Appliances offer an all-in-one security solution that thrives at speeds up to 2.0 Gbps. UnityOne provides utmost reliability and protection from both external and internal threats. The UnityOne system is composed of the following key elements: Threat Suppression Engine. At the heart of TippingPoint s solution is a powerful high-speed processing engine that offers breakthrough enabling technology. UnityOne OS. Integrated in one system are the functions of a firewall, an intrusion detection system and a vulnerability assessment scanner. This unique system provides continuous threat prevention that assesses, detects and suppresses known hostile code, while eliminating false alerts. Threats are assessed continually to ensure up-to-date coverage for the network. UnityOne offers a front-line defense at the perimeter, the extreme edge and within the LAN. Easily installed, the UnityOne is a plug-n-play appliance that starts working for the enterprise right out of the box.

UnityOne -2000 The UnityOne -2000 large enterprise solution delivers full perimeter, extreme edge and Intranet multi-zone network-defense at 2.0 gigabits per second speeds. UnityOne -600 The UnityOne -600 small & medium enterprise solution delivers perimeter network-defense at 600 megabits per second speeds.

Threat Suppression Engine The Heart and Soul of UnityOne The heart of UnityOne, the Threat Suppression Engine, is designed to handle securityspecific functions at gigabit speeds and execute sophisticated threat suppression signatures and anomaly algorithms to protect the enterprise. These functions include: Address Translation, Flow Assembly, Classification, Stateful Inspection, Content Searches and Traffic Shaping. Network and Port Address Translation are critical for hiding the true internal network addresses from hostile outsiders. TCP Flow and fragmented packet reassembly are critical for detecting and thwarting disguised attacks (where independent packets may appear harmless). Classification of packets and flows requires sophisticated header processing at OSI layers 2-4 for finer-grain packet filtering. Deeper unanchored payload Content processing is needed for higher layers. Polymorphic attacks require matching of complex patterns (based on regular expressions) in order to be detected and blocked. Stateful Inspection is needed to selectively allow applications to penetrate a firewall through dynamic ports. Traffic Shaping is a powerful way of protecting and prioritizing mission critical traffic and containing potential DoS traffic.

Security Management System TippingPoint s Security Management System (SMS) is a pre-configured management appliance that ensures a comprehensive and simple user interface to manage your security environment. The SMS provides a single console from which to configure, monitor and update up to 1000 UnityOne Threat Prevention Appliances per SMS enterprise-wide. Threat Management Center TippingPoint s Threat Management Center (TMC), the central intelligence bureau for UnityOne, is staffed 24/7 with TippingPoint s security experts. The TMC searches for emerging vulnerabilities, new signatures and algorithms to defeat attacks on the enterprise network. Customers have the option of two services Web Access and Digital Vaccine. Web Access is a web-based reference for IT administrators to access the latest threat suppression signatures. A real-time continuous update service, Digital Vaccine delivers signatures and algorithms to UnityOne enterprise systems. TippingPoint has taken a whole new approach to signatures and algorithms. The TMC pre-hardens signatures to ensure 100% reliability.

Deploying UnityOne Enterprise Solutions With the UnityOne -2000 and UnityOne -600, TippingPoint offers unified network-defense appliance solutions specifically designed to meet the different needs of the large enterprise (LE) as well as the small & medium enterprise (SME). Enterprise defense starts with UnityOne s Perimeter, ExtremeEdge and Multi-Zone solutions. Perimeter Protection UnityOne provides unprecedented unified protection of the enterprise perimeter. At the perimeter, UnityOne protects the flow of information between the LAN, DMZ and WAN. In addition, UnityOne provides VPN capability to manage and extend secure connections across the Internet.

ExtremeEdge Router vulnerabilities are increasingly being targeted by attackers. UnityOne is equipped with ATM WAN interfaces, so that it can be installed at the WAN access point in front of the router, while at the same time protecting the LAN and DMZ of the Intranet. In effect, UnityOne wraps around the router, protecting it from attacks. Multi-Zone UnityOne is designed to handle the high bandwidth of Intranet connections and can be configured to provide an internal layer of protection between LAN segments. The UnityOne DataTap can be used to redirect Web traffic for URL filtering, or to mirror selective traffic for tracking and analysis.

Benefits of Unification Speed, Strength, Simplicity & Savings Speed Thanks to the Threat Suppression Engine s specialized hardware, UnityOne delivers, at speeds up to 2.0 Gbps, enterprise security has never been faster. Strength UnityOne delivers unsurpassed vulnerability assessment, attack detection and prevention, benefiting from the strength of a unified, interlocked system. With Digital Vaccine, world-class reconnaissance starts and ends by steadily and consistently monitoring and updating the major live threat databases - UnityOne blocks over 2000 attack types. Simplicity The riches of finding security solutions capably managed under one system should be plenty for hampered, overworked network administrators. UnityOne automatically learns and automates the firewall configuration and IDS tuning process, removing a source of constant headaches. Couple that coup for all three functions, with an easy-to-use interface, and the UnityOne can not be beat when it comes to securing the enterprise. Savings By integrating and interlocking assessment, detection, and firewall functions into a single appliance, enterprises automatically benefit from lower first-in and total-cost-of-ownership when choosing UnityOne. The cost of security is immediately reduced by purchasing one system, instead of the traditional three needed for patchwork security coverage. Compared to today s patchwork systems, UnityOne s first-in costs are 50% less and the total cost of ownership is reduced by as much as 75%.

TippingPoint s UnityOne Value Propositions What we offer Multigigabit hardware How it benefits the enterprise Secures network without degrading network performance Integration of three security systems into one Unified system Interlocking applications provide comprehensive security attack blocking, not just detection Lower first-in and total-cost-of-ownership Ease of use - Auto tuning - Single management system Hardened signature and anomaly algorithms Highly reliable signatures greatly diminishes false positives

7501B North Capital of Texas Hwy Austin, TX 78731 512.681.8000 phone 512.681.8099 fax www.tippingpoint.com DataTap, Digital Vaccine, UnityOneOS, Security Management System, Threat Suppression Engine, UnityOne, are trademarks of TippingPoint Technologies, Inc.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback