01/22/2007

TippingPoint, a division of 3Com and a specialist in intrusion prevention, today announced that it is extending its existing managed security services to provide customers with additional tools for attaining compliance with government regulations such as Sarbanes-Oxley, the Gramm-Leach-Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA).

ebizQ received the following details:

This offering includes project-based or scheduled subscription-based vulnerability assessments, penetration testing, and workflow vulnerability management through an alliance with Digital Defense. Customers can outsource these services to TippingPoint through this private-label integration alliance with Digital Defense.

Customers gain up-to-date knowledge of specific security vulnerabilities and weaknesses in their external and internal networks through remote assessment scans and penetration testing methodologies. As part of an overall customer security lifecycle management process, the service aids in defense of key corporate data breaches from unauthorized perpetrators attempting to gain network and/or host control. More importantly, it gives customers the knowledge to eliminate security holes addressing key industry regulatory compliance requirements.

The offering, packaged as TippingPoint Managed Network Security Assessment Services (MNSAS), is comprised of internal and external network vulnerability assessment scans (ad hoc or scheduled), optional internal and external penetration testing, and a Web-based workflow management application with compliance-based reporting. A collaborative team of security specialists at TippingPoint and Digital Defense facilities maintains and keeps up-to-date, state-of-the-art proprietary security assessment tools and methodologies utilized over the Internet. The Frontline workflow management application, hosted in Digital Defense’s Security Network Operations Center (SNOC), enables the assignment of specific groups or individuals to remediate individual vulnerabilities. The same Web portal offers all scheduling and workflow management functions.

The TippingPoint Managed Network Security Assessment Service (MNSAS) in conjunction with Digital Defense extends TippingPoint’s existing managed security services suite, which includes:

• Managed Network Security Services – TippingPoint offers managed security services in alliance with British Telecom (formerly Counterpane) and also supports select channel partners in their offering of TippingPoint as a managed service. Through these alliances, TippingPoint offers round-the-clock monitoring and management of security, networking, and data center devices from global Security Operations Centers (SOC).



• Security Posture Assessments (SPA) - comprehensive on-site security penetration testing and evaluation performed by TippingPoint security experts to identify network vulnerabilities and potential exposures to threats along with custom recommendations on policies, procedures, and security tools to eliminate security weaknesses.

“Our alliance with Digital Defense enables us to give customers the ability to perform scheduled security assessments and workflow vulnerability management as a subscription-based, outsourced service with a greater emphasis on reporting for the purpose of compliance,” said Don Ward, vice president of services and support at TippingPoint.

Jeff Durfee, assistant director of information security at the University of North Florida (UNF), implemented a comprehensive security program at UNF to protect the information assets at UNF. He designed the network security architecture, then implemented it through strategic purchases and placements of security devices such as TippingPoint’s Intrusion Prevention System. Although Jeff was confident in the security program that he had implemented, he wanted a trusted, independent security firm to confirm his beliefs.

“I engaged TippingPoint jointly with Digital Defense to perform an analysis of UNF’s network security,” said Durfee. “They validated the effectiveness of our work at UNF over the last three years, and provided me with recommendations on how to improve our security program more completely going forward. I am also evaluating the workflow management solution that they now offer. I believe that this service will increase the productivity of my team and my ability to effectively report on our vulnerability remediation progress. We continue to look for ways to better protect our information assets as well as ensure compliance with UNF’s information security policies. This tool will help us in these areas.”

The alliance between TippingPoint and Digital Defense not only provides greater defense-in-depth protection for a customer’s information assets, but it also demonstrates an increased commitment by these customers to their clients, employees, and shareholders through independent validation of adherence to the information security policies that they have instituted.

“We are very pleased about our alliance with TippingPoint,” said Larry R. Hurtado, president and CEO of Digital Defense, Inc. “By letting TippingPoint and Digital Defense carry out these services, customers can maintain focus on their core business, minimizing the requirement for them to divert precious resources to focus on security and compliance-related matters. We believe our service fulfillment options and our Service Oriented Architecture-based MNSAS platform combined with the TippingPoint IPS delivers effective, comprehensive security solutions for enterprises.”

TippingPoint and Digital Defense are currently delivering these solutions to customers.