Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco vs Tipping point

Hi All,

We have a customer who want us to do a head to head comparison between Cisco IPS and TP. I went through the cisco competitive guide but didn't find out much technical info in it. I also found an old mirecom report(2005)comparing IPS 4255 to TP but not much convincing and old doucment.

Can someone please advise what are the main technical advantages over tipping point; the customer wants IPS to secure the permieter so I wanted to propose IPS 4240, any hints?


Re: Cisco vs Tipping point

Tipping Point has fewer abilities for packet capture (called logging in Cisco-speak) while Cisco can capture a defined number of packets past the evnt, Tipping Point only can capture the packet that caused the event. This means that if you plan on providing analysis of your security events, you will not be able to tell if an attack detected on a Tipping Point IPS was sucessful. Tipping point does a much better job of looking at asymetrical traffic (one side of the session). Cisco has the option, but it doesn't work very well and last summer actually increased the CPU on a 4270.

I'd say get a Tipping Point if you want to set it and forget it, and get a Cisco if you are really investigating your events.