Toolkit

Story: TippingPoint to push into Euro security market

• 
• 

I have been involved as a consultant with putting in solutions for IPS and a major drawback to these solutions is they have evolved from IDS and must route between 2 NICS and are notoriously inaccurate.

If there is an interface exposed on an IPS then it can be targeted, and brought down easily.
Also the inability of these software based IPS solutions to handle large DDOS attacks like synfloods mean they are like using some gum to stop a dam.

The only solution worthy of mention to date is an IPS solution from Toplayer Networks which can be deployed in the enterprise or at ISP's as it is L2 and does not interfere with BGP routing. and can handle in excess of 800K syn's/sec on the current platform.
They just released a new product IPS 5500 which can handle synfloods of 2M synsec which a few of my customers are keen to test out.

So it is time for the PC based solutions to stop clouding the market and stick to doing IDS, which they havent even got right 4 years later.
Havent really heard of Tipping point but from what I have heard it is hard to get one of their people to even explain how they deal with a specific threat scenario,

• 
• 

• 
• 
• 

Full Talkback thread