We changed our name from IT Central Station: Here's why

Trend Micro TippingPoint Threat Protection System OverviewUNIXBusinessApplication

Trend Micro TippingPoint Threat Protection System is #7 ranked solution in top Threat Intelligence Platforms and #13 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Trend Micro TippingPoint Threat Protection System an average rating of 8 out of 10. Trend Micro TippingPoint Threat Protection System is most commonly compared to Check Point IPS: Trend Micro TippingPoint Threat Protection System vs Check Point IPS. The top industry researching this solution are professionals from a comms service provider, accounting for 27% of all views.
What is Trend Micro TippingPoint Threat Protection System?

Keep ahead of the latest threats and protect your critical data with ongoing threat prevention and analysis.

Trend Micro TippingPoint Threat Protection System was previously known as TippingPoint Digital Vaccine, TippingPoint DV, Trend Micro Digital Vaccine, Trend Micro DV, Trend Micro TippingPoint NGIPS.

Buyer's Guide

Download the Intrusion Detection and Prevention Software (IDPS) Buyer's Guide including reviews and more. Updated: January 2022

Trend Micro TippingPoint Threat Protection System Customers

Yapi Kredi

Trend Micro TippingPoint Threat Protection System Video

Trend Micro TippingPoint Threat Protection System Pricing Advice

What users are saying about Trend Micro TippingPoint Threat Protection System pricing:
"It's an expensive product."

Trend Micro TippingPoint Threat Protection System Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Subhendu Dhar
Director at Diamond Infotech Pvt ltd
Real User
Top 5
IPS signatures and the IPS database are much better than what is commonly available
Pros and Cons
  • "The IPS signatures and the IPS database that are given are much better than what is commonly available."
  • "We need more integration. It would be good if Azure IPS and TippingPoint IPS and other products from Trend Micro like their DBI and IWSVA could talk between each other."

What is our primary use case?

When the client chooses a security setup we first need to explain to them why the dedicated IPS assist is correct for them and its advantages. We need to determine their traffic load. With all those calculations we show them we sometimes end up with over-commitment for the TOC. If we're talking about Trend Micro, you should know that they have a range of products, from IPS, anti-security solutions, and discovery solutions.

We lay out all those products and if they feel that any of them meet their requirements then they incorporate that into their solution. After that, it normally goes through the tender process. We participate in the tender and if we win, we send the product to the customer. We generally work with larger companies or different government bodies. For the different public sector units, there is a security requirement where we go to the client to analyze their existing infrastructure, try to find out where the loopholes are, and when we find something we advise and present the solution. We then incorporate whatever product the client requires.

Maybe it's a small setup or maybe it's a multi-department dedicated IPS setup. We deliver whatever IPS featured is required.

The general use cases are for large data centers and state data centers, where people from different state departments post their applications with their servers in the data center cloud. I'm from Calcutta, India. Our company takes care of different government departments in the Eastern part of India, in West Bengal, in Bihar, in Orissa, in Jharkhand, different states there. In all these cases, the state data center or maybe some big government bodies like PUC's, public utility commissions, like ONGC have their own data centers. All their applications are hosted on this data center, or maybe there is a DR. Maybe the DR is on the cloud. Or maybe like the ONGC, they are on-premise. 

They need to process the graphs to identify whether there's an intrusion or not, and maybe some micro-sandboxing needs to be done. Right when the setup is changed, when these data centers get these devices and need to process a huge amount of data, huge incoming and outbound data, the firewall integrated into the IPS is not capable of handling that much load. Then you need to put in a dedicated IPS. That's where we introduce NGIPS from Trend Micro. That's the thing - it totally depends on the client's requirements, the site's needs, the data bandwidth, and how much processing is required. Trend Micro offers a complete solution.

Trend Micro offers the NGIPS solution, as well as the Deep Discovery Inspector or Deep Discovery Analyzer, the DDI, and DDA. If you put a DDI in line, we can create a different operating system via a sandbox to process. Whatever packet we get, whatever file is getting processed, we capture according to that and we find anything that needs to be blacklisted or whitelisted. If it's blacklisted, that informs us from the DDA that it is getting first to the IPS and the IPS can take care of it.

It's a complete security solution. We might need to introduce the INWB or IWSBA solutions from Trend Micro to analyze the base traffic as well as the main traffic. It's a combination - NGIPS is there to take care of any intrusion and APT is there to analyze the file and network traffic. I'm doing the network sandboxing. IWSBA takes care of that traffic. INSBA is there for taking care of the mail traffic. These four devices can communicate with each other and can instruct the IPS to do any ad-hoc blacklisting that is required.

What is most valuable?

In TippingPoint, the IPS signatures and the IPS database are much better than what is commonly available. TippingPoint is more intelligent. It can work out bypass models if the device goes bad suddenly for any reason. It actually goes into a bridge mode where it parses from the data and finds where the problem is with the software security. We configure it like this so that if that happens, we immediately switch on the IPS in the firewall because technically the scenario is like that in the gateway. We first put on the firewall and the connection goes from there before going to the internal network or LC. We put the IPS in between the perimeter firewall, in an internal port.

One of the major reasons for choosing TippingPoint is that it acquires the intelligence of the IPS signatures. It is the first IPS solution database we tried. We actually detect a lot of intrusions not detectable by other solutions. This is an important point.

Another feature is that it can work in a base mode if the device goes down. Then, even if we do not do a modification into the network to get it working, you just switch on the IPS in the firewall and the device will pass on all those packets to the underlying devices. This way the operation doesn't stop and in the meantime, you can fix the problem.

What needs improvement?

In terms of what can be improved, I would say, integration. Integration of Trend Micro solutions with Azure. We need more integration. It would be good if Azure IPS and TippingPoint IPS and other products from Trend Micro like their DBI and IWSVA could talk between each other.

That integration should be increased so that human integration could be decreased. If it could communicate with other products, it would be great.

If you see a pay-meter firewall at Checkpoint, or Palo Alto and you're using Trend Micro, and your perimeter firewall is from some other vendor, maybe you are using anti-DDoS solution or maybe you are using some other solution from some other provider. If the pinpoint can be integrated with other vendors, it would be great. I'm not talking about each and every brand available in the market, but at least, with some reputable vendors like Palo Alto or Checkpoint. It would be great if that integration actually gives us a consolidated report, which helps us to monitor from a single point by eliminating duplicates.

For how long have I used the solution?

We have around four or five installers on TippingPoint NGIPS. We have been a partner with Trend Micro for the last two years and we sold these solutions to different state bodies, state powers, and state governments for their data centers.

What do I think about the stability of the solution?

It is a stable solution. It is dedicated to IPS. It is one of the best solutions. It's a very stable and very good solution in this way. 

It does not require maintenance. Of course, it requires some operative person to manage it like monitoring the logs, fine-tuning the day to day operations, etc. We need to have a security guy in the data center, in the NOC or in the SOC, Security Operation Center, who needs to look through the logs and do the necessary monitoring. But otherwise, we do not need regular interaction with the employee. Of course troubleshooting or fault-finding or anything like that we do.

What do I think about the scalability of the solution?

In terms of scalability, it is a scalable solution.

How are customer service and technical support?

Trend Micro's general support is good. If we require any technical support for any of their products they are always able to help us.

How was the initial setup?

All the deployments that we have done so far are on-site because they're data centers. The traffic goes to the cloud to get processed but they prefer their setup to be on-premise.

The setup is not very long but it does require a little bit of struggling to make it work and to get it properly integrated into the environment. It takes time, it's not like it is two clicks and it will start working. It's not like that.

What's my experience with pricing, setup cost, and licensing?

In terms of price, TippingPoint is not a cheap solution. It is not a very costly solution, but comparatively it is more.

When you purchase TippingPoint, you're purchasing their subscription which gives IPS database updates. They bundle everything together. That includes the warranty and extended warranty of the box, along with the support subscription to speak to tech support, or the IPS database, signature application, all those things are provided.

Almost all those things are bundled together. They bundle all the requests and licensing. We need to go back to them to ask for additional licenses or something like that, because in my department we cannot just go back to the client and tell them, okay, these are the things you need to purchase. It is impossible. So in the beginning of the process, when we sell the solution to our client, we always bundle all the necessary licensing so that it can be used whenever it is required.

On a scale of one to ten I would give TippingPoint NGIPS an eight.

What other advice do I have?

Trend Micro provides us technical updates and their free training if a new feature comes into their product.

In general, I would of course recommend this product to other people.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Network Engineer at a comms service provider with 10,001+ employees
MSP
Top 10
Very stable with good technical support, but can be quite expensive
Pros and Cons
  • "The technical support on offer is very good."
  • "The solution is pretty expensive."

What is our primary use case?

We primarily use the solution for email scanning.

What is most valuable?

The solution is very good at tracking attacks.

The solution automatically upgrades itself well in order to be effective against future attacks.

We can manually bypass IP addresses and DNS entries if we need to.

The technical support on offer is very good.

What needs improvement?

Right now, we are stuck with an older platform, 1400 N. It's more like a software base, so bypassing is done through software. If you go with the newer system, for example, the 4-40s, that's a hardware-based bypass, so those are more powerful. It has more throughput.

The initial setup is not straightforward.

The solution is pretty expensive.

For how long have I used the solution?

We've been using this solution for many, many years so far. It's been a while at this point.

What do I think about the stability of the solution?

The stability is excellent. It's 99.9% stable. There aren't issues with bugs or glitches. It doesn't crash or freeze. It's reliable.

What do I think about the scalability of the solution?

The solution is scalable, however, you need to swap the box. It's not the kind of scalability that you can do it via software. You need to swap the box and get a better model to expand it out. That said, it can scale. A company that needs to scale can do so. It just takes a hardware upgrade.

How are customer service and technical support?

We've dealt with technical support in the past. We've found them to be very good. They are responsive and knowledgeable. They are helpful. We're satisfied with the level of support we receive.

Which solution did I use previously and why did I switch?

We also use Splunk. We use both together. Splunk will warn us if something is happening, and then we can use TippingPoint to block access as necessary. We tend to use Splunk everywhere.

How was the initial setup?

The initial setup is not so easy. It's not that it's complex, per se. It's just not super-simple. You need some technical folks to manage it. It's not like anybody can do it. You have to have some knowledge. Otherwise, you'll run into a lot of issues.

What's my experience with pricing, setup cost, and licensing?

This is not the cheapest option. The solution is quite expensive.

Which other solutions did I evaluate?

We're currently looking at Cisco and considering deploying their solution in the new year.

What other advice do I have?

I'd recommend the solution, however, it depends on what a company needs. Before jumping in, a company needs to ask, themselves questions like: "What's our requirement". That said, for general enterprises, it's a good enough option. 

For our organization, however, as of next year, we're going to move away from it and deploy with a Cisco-based solution.

Overall, I would rate the solution at a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about Trend Micro, Cisco, Palo Alto Networks and others in Intrusion Detection and Prevention Software (IDPS). Updated: January 2022.
563,148 professionals have used our research since 2012.
Technical Manager at Digital World
Real User
Top 5Leaderboard
Good intrusion prevention that integrates well, and the support is good

What is our primary use case?

We use this solution to inspect the data packets before they can enter the firewall. Then, the packets can enter into our LAN infrastructure.

What is most valuable?

The intrusion prevention and detection are nice. It integrates easily.

What needs improvement?

It integrates well but it takes time. The integration process should be faster.

For how long have I used the solution?

We have been providing this solution for two to three years, maximum. We are using the latest version.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

It's a scalable product, but we haven't explored this area. We just install for the customers. We have only two customers…

What is our primary use case?

We use this solution to inspect the data packets before they can enter the firewall. Then, the packets can enter into our LAN infrastructure.

What is most valuable?

The intrusion prevention and detection are nice.

It integrates easily.

What needs improvement?

It integrates well but it takes time. The integration process should be faster.

For how long have I used the solution?

We have been providing this solution for two to three years, maximum.

We are using the latest version.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

It's a scalable product, but we haven't explored this area. We just install for the customers.

We have only two customers currently, who are using this solution.

How are customer service and technical support?

Technical support is very good.

How was the initial setup?

The installation is easy.

It will take a half-day easily to deploy. Almost five hours.

You only need one Level-3 engineer to deploy and maintain this solution.

What's my experience with pricing, setup cost, and licensing?

It's an expensive product. The price could be reduced.

Customers need to pay for a license along with the appliance.

Licensing is on a yearly basis.

What other advice do I have?

From my understanding, this is a very useful solution for the government sector.

I would rate Trend Micro Tipping NGIPS a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Intrusion Detection and Prevention Software (IDPS) Report and find out what your peers are saying about Trend Micro, Cisco, Palo Alto Networks, and more!