Documente Academic
Documente Profesional
Documente Cultură
Competitive Comparisons
Competition for the HP TippingPoint ATA is the Cisco AMP Network Advanced Threat Appliances; Cisco does not
offer a Mail-based ATA product.
HP TP ATA Network 250
Cisco AMP7150
Cisco AMP8150
250 Mbps
500 Mbps
500 Mbps
1 Gbps
2 Gbps
4 Gbps
4 x 1 Gb
4 x 1Gb
4 x 1Gb
4 x 1Gb
4 x 1Gb; 2 x 10Gb
8 SFP
8 SFP
3 x 4-port RJ45
netmods
Unknown
Unknown
20
Unlimited/over 80
Limited/8
Unlimited/over 80
Unlimited/over 80
Limited/8
Unlimited/over 80
Asymmetric
Support
Yes
Yes
Yes
Yes
Yes
Yes
Form Factor
1 Rack Unit
1 Rack Unit
1 Rack Unit
1 Rack Unit
1 Rack Unit
2 Rack Unit
Capacity
Data Ports
Sandboxes
Ports/Protocols
Cisco Strengths
1.
2.
Excellent test results in the 2014 NSS Labs Breach Detection Systems (BDS) Security Value Map,
although this was bolstered in large part by the use of the Endpoint AMP.
Deep integration with other Cisco technology, including FirePOWER and FireSIGHT
3.
4.
FirePOWER hardware platform and FireSIGHT management console scores well in client shortlist and
independent tests respectively. Cisco is highly visible on Gartner client IPS shortlists, especially in the
government market in part due to their headquarters location in Maryland.
AMP technology available for multiple platforms, including endpoints, networks, and private clouds
Our Response
Cisco Weaknesses
1.
2.
3.
4.
5.
Weak non-sandbox detections for activity like C&C and attacker communication.
Cisco AMPs sandboxing has limited customization, meaning customers may not be able to configure it to
their exact specifications. Attackers can use generic evasion techniques to avoid detection, including
checks for operating system, license file, language, and more.
Customers need both AMP for Networks and AMP for Endpoints to see highly effective detection and
blocking.
Lack of integration with SIEM solutions. HP TippingPoint solutions integrate with HP ArcSight, allowing
customers to do more with their investments in a faster, more automated way.
Lackluster Security Research - Question how well it protects against targeted attacks leveraging zeroday and variant vulnerabilities and exploits.
Our Response
perimeter?
How do you counter new and emerging threats with
inferior Security Research?
2014 NSS Labs Breach Detection Systems (BDS) Security Value Map
Note: for internal use only; do not leave this behind with a customer. New test results are due mid-2015.
Security Effectiveness
Additional Resources
TippingPoint Sales Portal
ESP Sales
ESP Competition
ATA Blog: Network Security: No need to drop, cover and hold on
Competitive Bottomline: Cisco Buys Sourcefire
Competitive Bottomline: Cisco to Acquire ThreatGRID
Frost & Sullivan: Analysis of the Global Public Vulnerability Research Market in 2013
Contacts
Mike Plavin, Technical Product Marketing Manager
TJ Alldridge, Product Marketing Manager