user manual
Chapter 1: Overview
4  X-Series Hardware Installation and Safety Guide V 2.5
The TippingPoint IPS is designed to handle the extremely high demands of carriers and high-density 
data centers. Even while under attack, TippingPoint Intrusion Prevention Systems are extremely low-
latency network infrastructure ensuring switch-like network performance. 
The TippingPoint IPS is an active network defense system that uses the Threat Suppression Engine 
(TSE) to detect and respond to attacks. TippingPoint Intrusion Prevention Systems are optimized to 
provide high resiliency, high availability security for remote branch offices, small-to-medium and large 
enterprises and collocation facilities. Each TippingPoint can protect network segments from both 
external and internal attacks. TippingPoint Intrusion Prevention Systems are extremely low-latency 
network infrastructure ensuring switch-like network performance, even while under attack. 
X-Series devices provide the following ethernet interfaces and traffic performance:
Threat Suppression Engine
The Threat Suppression Engine (TSE) is a highly specialized, hardware-based intrusion prevention 
platform consisting of state-of-the-art network processor technology and TippingPoint's own set of 
custom ASICs. The TSE is a line-speed, hardware engine that contains all the functions needed for 
Intrusion Prevention, including IP defragmentation, TCP flow reassembly, statistical analysis, traffic 
shaping, flow blocking, flow state tracking and application-layer parsing of over 170 network protocols. 
The TSE reconstructs and inspects flow payloads by parsing the traffic at the application layer. As each 
new packet of the traffic flow arrives, the engine re-evaluates the traffic for malicious content. The 
instant the engine detects malicious traffic, it blocks all current and all subsequent packets pertaining 
to the traffic flow. The block of the traffic and packets ensures that the attack never reaches its 
destination. 
The combination of high-speed network processors and custom ASIC chips provide the basis for IPS 
technology. These highly specialized traffic classification engines enable the IPS to filter with extreme 
accuracy at gigabit speeds and microsecond latencies. Unlike software-based systems whose 
performance is affected by the number of filters installed, the highly-scalable capacity of the hardware 
engine enables thousands of filters to run simultaneously with no impact on performance or accuracy.
Local Security Manager
The Local Security Manager (LSM) is responsible for local administration, configuration, and 
reporting for a single X-Series. Through the use of a graphical user interface (GUI), the LSM provides 
the interfaces, tools, and processes that configure and monitor the X-Series. The LSM provides a subset 
Table 1: X-Series System Performance
Model
Ethernet 
interfaces
Concurrent 
sessions
IPS 
Performance
Firewall 
Performance
Triple DES
X5, 25-user license 6 x 10/100 20,000 8 Mbps 50 Mbps 8 Mbps
X5, unlimited-user license 6 x 10/100 60,000 8Mbps 50 Mbps 8 Mbps
X505 4 x 10/100 130,000 50 Mbps 200 Mbps 50 Mbps
X506 6 x 10/100 130,000 50 Mbps 200 Mbps 50 Mbps










