TippingPoint

Version : TippingPoint for the S-Series (330) IPS device, TOS version 3.6.4 and 3.6.5.

The TippingPoint Next-Generation Intrusion Prevention System (IPS) offers comprehensive threat protection against advanced and evasive targeted attacks with high accuracy. Using a combination of technologies such as deep packet inspection, threat reputation and advanced malware analysis, it provides enterprises with a proactive approach to security.

Netsurion Open XDR collects the logs, helps administrator to analyze the events and generate the reports for the TippingPoint IPS traffic being allowed or blocked.

Netsurion Data Source Integrations for TippingPoint allows you to visualise the following components:-

• Security – TippingPoint IPS traffic allowed and TippingPoint IPS traffic blocked.

Once TippingPoint is configured to deliver events to Netsurion Open XDR Manager; alerts, dashboards and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

Type	Name	Description
Security	TippingPoint – IPS traffic blocked	This alert is generated when specific IP traffic is blocked.

Reports

Type	Name	Description
Security	TippingPoint – IPS traffic allowed	This report provides the information related to IP traffic being allowed by TippingPoint IPS. It consist of columns Event Time, Device Name, Alert Severity, Alert Message, Source IP, Source Port, Destination IP, Destination Port, Protocol, Action and Security Zone.
Security	TippingPoint – IPS traffic blocked	This report provides the information related to IP traffic being blocked by TippingPoint IPS. It consist of columns Event Time, Device Name, Alert Severity, Alert Message, Source IP, Source Port, Destination IP, Destination Port, Protocol, Action and Security Zone.

Documentation

The configuration details are consistent with Netsurion Open XDR 7.x and later, and TippingPoint.

Download Integration Guide for configuration instructions and more information.