• 09/23/2002
    4:00 AM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Tipping the Scales

In our tests, TippingPoint UnityOne 2000's Network Defense System missed some key servers.
UnityOne's Network Defense System (NDS) performs intrusion detection, traffic blocking and alerting before traffic gets to the firewall. Tuning itself to the network, it identifies protected devices and services, and reduces the number of meaningless alerts common in other IDSs (intrusion-detection systems). Unfortunately, the product missed some key servers in my tests (see sidebar, "False-Positive Reduction.").

Good News
• High-speed IDS.
• Number of alerts reduced based on network architecture.
• Simple management.

Bad News

• Expensive.
• At the mercy of TippingPoint for troubleshooting.
• Network discovery may miss hosts.
• No way to develop or edit signatures.

Managing single installations of the NDS is easy through the Local Security Manager (LSM) Web-based GUI or through a CLI (command-line interface) using telnet or secure shell. You can manage multiple NDSs through the Security Management System (SMS), a hardened, Linux-based appliance accessed through a Java console. The NDS setup is based on segments or pairs of ports. I used three: one Fast Ethernet port for running attacks, and two fiber-based segments for traffic loading.

Ready, Set, Action

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments