Filter
Top Products
Chapter 1: Overview
2 X-Series Hardware Installation and Safety Guide V 2.5
The Stateful IP filtering provides service-level, stateful inspection of network traffic. It incorporates
filtering functionality to protect mission-critical applications. An administrator can use firewalls and
content filters that determines how the system handles traffic to and from a particular service. These
filters are specified by the source, destination, and service or protocol of the traffic.
The X-Series is responsible for the host and service database used by TippingPoint. The X-Series scans
your network and maintains an inventory of the active hosts and services on those hosts. System
administrators can use information collected by the X-Series to tune attack and IP filters.
Core Functionality
The X-Series provides the following core functionality:
• Optimized VPN connectivity — The TippingPoint X-Series allows inspection and control of traffic
both inside and outside of VPN tunnels.
• Enforcement of usage policies — The TippingPoint X-Series can be used to rate-limit applications,
such as peer-to-peer file sharing applications, and includes an optimal Web Content Filter
subscription service.
• Multicast applications — The TippingPoint X-Series prioritizes real-time traffic and provides secure
connectivity for IP multicast traffic.
• Detection and suppression — Unlike an intrusion detection system (IDS), the X-Series identifies and
stops malicious traffic on the edge of the network.
• Filter customization — Through IP filters, exceptions, and attack filter creation, you can customize
TippingPoint to meet the specific needs of your enterprise.
• Real-time threat aggregation — The TMC collects threat information from throughout the world,
converts it to attack filters, and distributes it to TippingPoint™ customers.
• Monitoring — Enterprise networks are in a constant state of change. Because enterprises regularly
reconfigure and add new devices and services, TippingPoint monitors the network for these changes
using network discovery.
The following sections describe each security application in more detail.
TippingPoint X-Series Environment
A single X-Series can be installed at the perimeter of your network, on your Intranet, or both.
All of the functionality of the X-Series runs directly on the device as the TippingPoint Operating
System (TOS). The Local Security Manager (LSM) is a web-browser client for managing your X-Series
that provides a graphical interface for on-the-box administration, configuration, and reporting. The
LSM accesses the functionality of the X-Series TOS.
You can also access the functionality of the X-Series using the Command Line Interface (CLI). The CLI
provides a command line interface for you to set values, run setup commands, and perform general
functions. However, the LSM provides most of the advanced functionality, such as reporting and filter
configuration.
The Security Management System (SMS) provides functionality beyond that provided by the LSM and
CLI. The SMS enables you to manage not one but multiple X-Series devices. The SMS coordinates all X-