We have a customer who want us to do a head to head comparison between Cisco IPS and TP. I went through the cisco competitive guide but didn't find out much technical info in it. I also found an old mirecom report(2005)comparing IPS 4255 to TP but not much convincing and old doucment.
Can someone please advise what are the main technical advantages over tipping point; the customer wants IPS to secure the permieter so I wanted to propose IPS 4240, any hints?
Tipping Point has fewer abilities for packet capture (called logging in Cisco-speak) while Cisco can capture a defined number of packets past the evnt, Tipping Point only can capture the packet that caused the event. This means that if you plan on providing analysis of your security events, you will not be able to tell if an attack detected on a Tipping Point IPS was sucessful. Tipping point does a much better job of looking at asymetrical traffic (one side of the session). Cisco has the option, but it doesn't work very well and last summer actually increased the CPU on a 4270.
I'd say get a Tipping Point if you want to set it and forget it, and get a Cisco if you are really investigating your events.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...