TippingPoint X-Series Environment
X-Series Hardware Installation and Safety Guide V 2.5 3
Series and IPS devices across your TippingPoint environment for administration, configuration, and
monitoring. Most importantly, the SMS includes enterprise-wide reporting and trend analysis.
From the SMS, you must set an overall profile of settings for each X-Series. The profile controls how the
device responds to traffic that matches filters. The X-Series is always in Active mode, and reacts to
traffic as specified by the appropriate filter.
The LSM and X-Series maintain a connection to the Threat Management Center (TMC), which is
located at TippingPoint headquarters. The TMC monitors 10,000 sensors around the world for the
latest attack information. As a result, your network can be continually inoculated.
Each component of the TippingPoint X-Series environment is discussed in more detail in the
following sections. Additional information about the TippingPoint X-Series is available in the
TippingPoint X-Series Concepts Guide.
Optimized VPN Connectivity
The X-Series VPN supports the IPSec, L2TP, and PPTP tunneling protocols; the DES, 3DES, and
AES-128/192/256 encryption algorithms; the MD5 and SHA-1 hash algorithms; and keying by manual
keyring, IKE with pre-shared keys, or IKE with X.509 certificates. The device provides intrusion
prevention inspection within VPN
tunnels, and can also prioritize traffic bi-directionally, both inside and outside of the VPN tunnels. The
VPN is hardware-accelerated, with an ASIC designed specifically for encrypting and decrypting
packets. To increase network security, you can configure VPN traffic to terminate in a security zone
that is separate from your internal LAN security zones. The X-Series also supports NAT deployment
within VPN tunnels.
Policy Enforcement
Policy enforcement includes the X-Series firewall, content filtering, and the TippingPoint IPS. The
TippingPoint X-Series has a stateful inspection firewall with a top-down rule evaluation engine. The
firewall can be used to rate-limit both security zones and applications, preventing excess bandwidth
consumption. TippingPoint offers a Content Filtering subscription service, which allows or denies web
sites by category. You can also manually allow or block URLs as exceptions to the defined rules. Content
Filtering is applied through firewall rules.
Security Zones and Network Interfaces
Security Zones enable you to define multiple Layer 2 VLANs. A security zone can be associated with a
single physical port, or can exist virtually by logical definition. Policy enforcement is applied to traffic
that moves between security zones. Network interfaces enable you to define Layer 3, and can represent
two or more security zones. Security zones can be defined through 802.1q VLAN tags.
TippingPoint IPS
TippingPoint X-Series devices use the TippingPoint IPS to protect your network by scanning,
detecting, and responding to network traffic according to the filters, action sets, and global settings
maintained on each device by a client. Each device provides intrusion prevention for your network
according to the number of network connections and hardware capabilities.