The TippingPoint Intrusion Prevention System (IPS) delivers the most powerful network protection in the world. The TippingPoint IPS is an in-line device that is inserted seamlessly and transparently into the network. As packets pass through the IPS, they are fully inspected to determine whether they are legitimate or malicious. This instantaneous form of protection is the most effective means of preventing attacks from ever reaching their targets.

TippingPoint's Intrusion Prevention Systems provide Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, the TippingPoint IPS protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. TippingPoint's Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.

The system is built upon TippingPoint's Threat Suppression Engine (TSE) - a highly specialized hardware-based intrusion prevention platform consisting of state-of-the-art network processor technology and TippingPoint's own set of custom ASICs. The TippingPoint ASIC-based Threat Suppression Engine is the underlying technology that has revolutionized network protection. Through a combination of pipelined and massively parallel processing hardware, the TSE is able to perform thousands of checks on each packet flow simultaneously. The TSE architecture utilizes custom ASICs, a 20 Gbps backplane and high-performance network processors to perform total packet flow inspection at Layers 2-7. Parallel processing ensures that packet flows continue to move through the IPS with a latency of less than 84 microseconds, independent of the number of filters that are applied.

The TippingPoint TSE architecture also enables traffic classification and rate shaping. Sophisticated algorithms baseline "normal" traffic allowing for automatic thresholds and throttling so that mission critical applications are given a higher priority on the network.

The TippingPoint IPS family offers a range of products that differ in capacity and the number of simultaneous segments they protect.

The integral part of the TippingPoint solution is the Digital Vaccine® Service. Developed by TippingPoint's world-renowned security researchers (DVLabs), the Digital Vaccine service delivers comprehensive security filters to TippingPoint Intrusion Prevention Systems to to pre-emptively protect against the exploit of new and zero-day vulnerabilities. These filters, created to block multiple attack variants on a single vulnerability versus a simple exploit, provide attack recognition accuracy without compromising network performance. Digital Vaccine updates are automatically delivered twice a week, or immediately when critical vulnerabilities and threats emerge. TippingPoint's "Recommended Settings" provide preconfigured policies to automatically and accurately block attacks without any tuning, significantly reducing the amount of time and resources required to protect and maintain a healthy network.