3Com Announces Retail Network Security Via Quarantine
3Com and its TippingPoint division, today announced the availability of its end point security solution, 3Com TippingPoint Quarantine Protection. Quarantine Protection is the fundamental building block of a complete end point security strategy for client protection and remediation, leveraging network infrastructure for the isolation of infected devices.
By ensuring infected machines are contained for remediation, businesses maintain a healthy network and block the internal spread of attacks so technical support costs are reduced. In addition, administrative costs associated with managing multiple point solutions are reduced through the use of 3Com's clientless, network-based security solution.
"Quarantine Protection is an ideal solution for a converged network because it has the intelligence to secure wireless, voice, and data end points," said Charlotte Dunlap, analyst at Current Analysis. "Consistent with 3Com's strategy and in support of heterogeneous networking environments, the TippingPoint Intrusion Prevention System (IPS) and the new Quarantine Protection are interoperable and standards based, enabling the solutions to be integrated into existing networks and/or multi-vendor environments."
Quarantine Protection utilizes the TippingPoint IPS, the TippingPoint Security Management System (SMS), and network switches or management systems to block malicious traffic, contain infected end points, and provide support for remediation of infected devices. Quarantine actions are extremely flexible and can include displaying a remediation Web page, blocking a port, or redirecting the infected host to a contained quarantine VLAN based on administrator policy.
Although the standards-based architecture of Quarantine Protection is intended to leverage the customer's existing network infrastructure, 3Com products work best when used together because they allow for seamless integration and out-of-the-box support. Today, Quarantine Protection on the TippingPoint IPS and Security Management System (SMS) comes with pre-configured support for 3Com switches and 3Com's Enterprise Management System (EMS). Automated integration with 3Com wireless switches will be available this summer.
Quarantine Protection also has the ability to work seamlessly with the Cisco 6500 Catalyst switch. It can work with any network management system or switch with some integration. Custom configurations can easily be enabled through 3Com Professional Services.
3Com's Chief Technology Officer Marc Willebeek-LeMair said, "With Quarantine Protection, 3Com is uniquely automating end point policy enforcement and security. By securing desktops and other end points with a clientless, network-based solution, enterprises greatly benefit from centralized and simplified management of all endpoints regardless of platform, function, operating system, or user."
There are three primary methods to deploy Quarantine Protection depending on the policies and existing network infrastructure equipment used by the enterprise.
- Quarantine via TippingPoint IPS
In this deployment scenario, the IPS blocks malicious traffic coming from the infected host and serves a remediation page with instructions on removing the infection. All subsequent traffic emanating from the host is blocked at the IPS. - Quarantine via TippingPoint IPS and TippingPoint Security Management System (SMS)
In addition to the actions of the IPS-only scenario, the TippingPoint SMS can correlate events and take actions such as advanced notifications or even communicate with the switch to shut down the offending device's access to the network. This process is automated through a set of pre-established instructions in the SMS that interacts with the infrastructure to identify the offending host and take the appropriate Quarantine action. - Quarantine with the TippingPoint IPS, the TippingPoint SMS, and a Network Management System
Although the actions in scenario two are more automated due to pre-set policies, organizations may choose to Quarantine using their existing network management system (NMS) if they already have established policies through their NMS. In this case, the IPS will block malicious traffic coming from the infected machine and will notify the network management system. The network management system will take action according to the administrator's pre-set policies or allow an administrator to react manually.
TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated in its industry. For a full list of awards, visit www.tippingpoint.com/products_certifications.html. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS.
About 3Com Corporation
3Com Corporation (NASDAQ: COMS) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection for corporate enterprises, government agencies, service providers and academic institutions. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox.