8
N-Platform Hardware Installation and Safety Guide
•
Command Line Interface (CLI)
— Command line interface for reviewing and modifying settings on
the device. The CLI is accessible through Telnet and SSH (secure access).
•
LCD Panel
— Several IPS TippingPoint devices provide an LCD panel to view, configure, and modify
some device settings.
Core Controller
The TippingPoint Core Controller is a hardware-based device that enables inspection of up to 20Gbps of
traffic by sending the traffic to as many as 24 IPS device segments.
The Core Controller can control traffic across its three 10GbE network segment pairs and across multiple
TippingPoint E-Series IPS devices. IPS devices are connected by 1GbE uplinks, and each packet that is
received on a 10GbE Core Controller interface passes through a load balancer that then determines the IPS
connection to use for transmitting the packet.
The Core Controller provides:
• 10GbE bidirectional traffic inspection and policy enforcement
• High Availability with an optional Smart ZPHA module
• Central management through the SMS
Note:
The Core Controller can be used with the 2400E and 5000E IPS devices, and with all N-Platform
and NX-Platform devices.
High availability
TippingPoint devices are designed to guarantee that your network traffic always flows at wire speeds in the
event of internal device failure.
The TippingPoint System provides Network High Availability settings for Intrinsic Network HA (INHA)
and Transparent Network HA (TNHA). These options enact manually or automatically, according to
settings you enter using the clients (LSM and SMS) or LCD panel for IPS devices. Zero-Power High
Availability (ZPHA) is available for the IPS as an external modular device, as optional bypass I/O modules
on NX-Platform devices, and for the Core Controller as an optional Smart ZPHA module.
The IPS uses INHA for individual device deployment and TNHA for devices deployed in redundant
configurations in which one device takes over for another in the event of system failure. With INHA, a
failure puts the device into Layer-2 Fallback mode and permits or blocks traffic on each segment. In TNHA,
multiple IPS devices are synchronized so that when one device experiences a system failure, traffic is routed
to the other device with no interruption in intrusion prevention services.
SMS high availability provides continuous administration through an active-passive SMS system
configuration. A passive SMS is configured, synchronized with the active system, and waits in standby mode