Intrusion Detection And Prevention
Intrusion Detection And Prevention

The Network Box IDP scans network traffic at the application level, and seamlessly blocks malicious behavior with zero latency. Protection against newly emerging threats is provided by a database of vulnerability-class based behavior anomalies and heuristic (expert system) anomaly-based behavioral analysis. This is updated in real-time, using Network Box’s patented PUSH Technology.

Features:
There are four IDP modes offered by Network Box:

Front-Line IPS

Extremely light-weight, high-speed service, offering zero-latency protection, inline with the data-stream, against network worms, exploits and other such attacks. Operating in conjunction with the firewall, at the individual packet level (after fragment reassembly), the front-line IPS adds packet content inspection, rate limiting and traffic analysis to the base firewall capabilities.

Passive IDS

Alerting and logging of traffic, side-by-side with the data stream – useful for policy enforcement and more aggressive rules.

Active IDS

Alerting and logging of traffic, side-by-side with the data stream, but with the ability to actively teardown connections once malicious traffic has been identified.

Inline IPS

Alerting and logging of traffic, inline with the data stream; tightly coupled to the firewall, this is able to drop traffic before the remote system even sees it.
Intrusion Detection And Prevention (IDP)

– 3 Engines, 15,992 Signatures
– Scans network traffic at the application level, and seamlessly blocks malicious behavior with
zero latency
– Two Modes: Active (blocks network traffic)
Passive (logs intrusion attempts)