
Trend Micro TippingPoint NGIPS Review
Its default filters include, among 2300 others, protection against buffer overflows and malicious downloads, but be sure to make baseline audits and incident-handling protocols upon deployment.


Valuable Features:

It ships with a default profile that enables approximately 2300 filters for items that should never legitimately exist on a network, including certain attacks such as buffer overflows as well as malicious downloads. In addition to these default filters, more than 5400 additional filters, broadly considered policy choices, are available for use based on the requirements of the protected environment, and it now offers a Reputation Digital Vaccine Service (Rep DV).

HP released a Vaccine toolkit that uses a wizard to let TippingPoint customers generate their own filters, in effect deploying "virtual patches" to protect themselves from vulnerability exploitation. Filters created by using the Digital Vaccine Toolkit can be applied directly to a single IPS or the SMS console can be used to quickly update all systems. Impressive.

Improvements to My Organization:

It has enhanced the monitoring.

Room for Improvement:

Your IPS is only as good as the threat intelligence behind it. TippingPoint should be able to combine ArcSight into IP blocking services, not wait for Fortify to pull ArcSight.

Use of Solution:

1 YEAR

Deployment Issues:

The process of establishing the baselines, policies, and procedures for information security and incident handling at the outset yields great benefit later. Know this before implementation and it will save you time and stress.

Other Advice:

Baseline audits, inventories, and vulnerability assessments of systems may reveal opportunities for improvement. Configuring an appropriately sized IPS with a majority of the filters enabled using detection protocol only, or “Permit + Notify” action, allows for the deeper discovery of the types of network transactions being performed and the systems involved. This process can also identify surprise applications that may be present in the environment, such as user-installed downloads that are outside of organizational norms or unpatched applications installed on servers for some long-forgotten test. In other words, know the exposures.

Disclosure: I am a real user, and this review is based on my own experience and opinions.