TippingPoint Sets New Standard for Intrusion Prevention

AUSTIN, Texas – Feb. 17, 2004 – TippingPoint Technologies, Inc. (NASDAQ: TPTI), the leader in intrusion prevention, today announced new capabilities for UnityOne Intrusion Prevention Systems. TippingPoint unleashes the power of intrusion prevention by extending its best-of-breed, Layer 2-7 Application Protection with powerful Performance Protection and Infrastructure Protection features.

“TippingPoint is re-defining intrusion prevention,” said TippingPoint’s Chief Executive Officer Kip McClanahan. “Intrusion prevention requires the ability to protect bandwidth and performance, the network infrastructure itself, as well as applications at Layers 2-7. Today’s attacks target each of these three business-critical areas, and only TippingPoint offers customers a complete, intelligent solution. Our customers demand uncompromising performance, reliability and protection.”

UnityOne Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance. By rate limiting applications such as peer-to-peer file sharing and instant messaging, network resources for business-critical applications like e-mail, database transactions and voice over IP (VoIP) are protected. Rogue applications can consume massive amounts of bandwidth. The ability to set policies that reclaim bandwidth results in an immediate return on investment.

Ronnie Wagers, network systems and security officer at University of Dayton, said, “Once we implemented TippingPoint’s performance protection filters, we saw a 40 percent increase in bandwidth availability. TippingPoint eliminated the need for us to purchase additional bandwidth, resulting in immediate cost savings.”

TippingPoint’s UnityOne Infrastructure Protection capabilities protect against denial of service attacks, SYN flood attacks and process table floods. This feature also protects routers, switches, DNS and other critical infrastructure such as VoIP from targeted attacks and traffic anomalies. Sophisticated algorithms within UnityOne can baseline normal traffic allowing for automatic thresholds and throttling to protect against denial of service and unknown, zero-day attacks.

Pima County Community College’s Director of Network Services Kirk Kelly said, “Our UnityOne arrived on site when we were having firewall problems due to a high level of ICMP traffic. We quickly installed the UnityOne outside of the firewall and it immediately began blocking the offensive traffic. The UnityOne protected the firewall and continued to perform under extreme load conditions.”

The UnityOne protects both perimeter and internal network segments. Internal protection is necessary to prevent attacks from within such as “walk-in” worms that are carried past the perimeter on an infected laptop. The UnityOne’s gigabit throughput and microsecond latency are required to protect high-speed connections at the network core.

Jacada’s MIS Manager Ronny Nussbaum said, “UnityOne protects us from internal and external threats. We placed the device in front of the firewall where it relieves the load on the firewall and blocks malicious traffic. We’ve also had several cases where someone came in with their Welchia-infected or ad-ware infested laptop, and UnityOne notified me immediately. I love this product! We’ve experienced bandwidth savings of approximately 30 percent.”

The UnityOne Security Management System (SMS) has been enhanced to easily manage these new capabilities. The new functionality consists of advanced reporting features, added bandwidth shaping functionality, and more intuitive usability combined with a new graphical user interface.

In a recent multi-vendor IPS evaluation, The NSS Group report stated, “We found the TippingPoint management system to be the most usable overall…The interface was intuitive, policy management was excellent, and the alert handling, analysis and reporting were all flexible, powerful, and yet very easy to use…The Policy Editor is the best we have seen on any IDS/IPS device.” The full report can be seen at www.nss.co.uk/ips.

The UnityOne Intrusion Prevention System is based on TippingPoint’s patent-pending custom-ASIC Threat Suppression Engine. The TSE supports a broad range of attack filtering mechanisms including signatures to detect known attack types, protocol anomalies to detect RFC violations, application anomalies to protect application vulnerabilities, and traffic anomalies for zero-day protection against unknown attacks. This powerful technology is highly scalable and extensible. The added Performance Protection and Infrastructure Protection capabilities deliver great value to TippingPoint customers and set a new standard for Intrusion Prevention Systems.

About TippingPoint Technologies

TippingPoint Technologies is the leading provider of network-based intrusion prevention systems that deliver in-depth protection and attack eradication for corporate enterprises, government agencies, service providers and academic institutions. This innovative approach offers customers an effective network-based security solution with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-88UNITYONE.

TippingPoint Technologies, the TippingPoint logo, UnityOne, the UnityOne logo and Digital Vaccine are registered trademarks of TippingPoint Technologies, Inc.

TippingPoint Forward-Looking Statements
This announcement contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. These forward-looking statements are subject to significant risks and uncertainties. Although the company believes that the expectations reflected in its forward-looking statements are reasonable, the company can give no assurance that such expectations or any of their forward-looking statements will prove to be correct, and future results may differ from those discussed in this press release. Important information regarding the factors that may affect the company’s future performance is included in its public reports that it files with the Securities and Exchange Commission. The company disclaims any intention or obligation to revise any forward-looking statements whether as a result of new information, future event, change in expectations, conditions or circumstances, or otherwise. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof. The inclusion of any statement in this release does not constitute an admission by the company or any other person that the events or circumstances described in such statement are material.