IPS Blocks Threats That Scaled Firewalls At Interop Conference Network

3Com says that its TippingPoint Intrusion Prevention System (IPS) has blocked several network attacks on the InteropNet Event Network (eNet) at this week's Interop conference in Las Vegas. On 20 different occasions over the past week, users of the network unknowingly connected to the show's eNet with the Slammer (also known as Sapphire) worm ready to spread from their computers to the network. TippingPoint also blocked another 100 less severe threats.

The Juniper Networks routers, firewalls, and VPN appliances on eNet did not stop the attack, according to 3Com. 3Com engineers adding the TippingPoint IPS as part of its VoIP network architecture at the show. TippingPoint's IPS inspects IP packets to identify security breaches, then automatically prevents the threats from spreading.

"This is a great example of a case study for why enterprises need to think beyond a firewall or anti-virus software when it comes to protecting their network," says Kip McClanahan, president of 3Com's TippingPoint division. "Point security products like the ones used to secure the eNet are just a small piece of the security puzzle." McClanahan added, "In this case, had we not caught the worms that made it past the Juniper security products, the entire voice network would have been at risk."

Analysis

In fairness to Juniper Networks and other makers of firewalls and networking equipment, at CommWeb, we believe that the military concept of defense in depth applies to network security as well. IPSs, firewalls, and antivirus software are complementary security technologies, each with an important role to play.As 3Com's announcement demonstrates, no one piece of equipment that we're aware of provides perfect security against all threats. Everything we've heard from 3Com, which has played a leading role in discussing security for converged voice and data networks, agrees in essence with that point of view.