Breaking News - Security:

TippingPoint Releases Code For Intrusion Prevention Test Tool

TippingPoint Technologies Inc announced the availability and open source release of Tomahawk, the first test tool designed specifically to evaluate the unique capabilities of network-based intrusion prevention systems (IPS).

"TippingPoint is contributing Tomahawk to the public to make IPS testing easier and more affordable for end users," said TippingPoint's chief technology officer, Marc Willebeek-LeMair. "By enabling users to evaluate security, performance, and usability in real world environments, we believe it will accelerate the adoption of intrusion prevention and confirm its necessity in today's threat environment. We believe the benefit of open sourcing the tool to facilitate IPS testing outweighs the potential benefits of commercializing the tool."

An IPS is as much a networking device as it is a security device. Customers should be confident that the IPS they buy will not adversely impact their network and will perform security functions accurately. Although intrusion prevention systems are gaining mainstream acceptance and recognized as a best practice technology, tools for evaluating these systems are still primitive. Designed for testing other security products, current tools are expensive, limited in functionality, and unable to simulate the heavy load of real networks under attack.

TippingPoint developed Tomahawk to test the first network-based IPS in 2002, and has been perfecting the tool ever since. Tomahawk evaluates network performance (throughput and latency) with security accuracy while simulating real world environments. With Tomahawk, end users can test very high throughput with realistic traffic mixes, and ensure that malicious traffic is blocked while legitimate traffic reaches its destination.

Through the open source community, Tomahawk can receive extended testing and development, end users can set up their own IPS test beds free of charge, and IPS will reach a broader audience for testing. TippingPoint's goal in open sourcing Tomahawk is to cultivate education on IPS capabilities and improve IPS testing through test tool transparency.

Tomahawk is freely available, and can be downloaded at the following site: tomahawk.sourceforge.net/. To access more information including a free white paper on IPS testing, click here: www.tomahawktesttool.org/resources.html.

TippingPoint's UnityOne provides Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, UnityOne protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. UnityOne Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.