Cyberoam Instrusion Prevention System | CloudAce

Cyberoam Instrusion Prevention System (IPS)

cyberoam instrusion prevention system

 

Cyberoam Intrusion Prevention System (IPS)

 

Cyberoam Intrusion Prevention System provides protection by blocking intrusion attacks, malware, Trojan and malicious code transmission. It supports multiple protocols like HTTP, FTP, SMTP, POP3, IMAP, P2P and IM which detects, blocks and drops suspicious traffic.It allows enterprises to create their own signatures for protection and prevent targeted attacks to the enterprise. The IPS signature database includes HTTP proxy signatures that prevent masking of users surfing through an anonymous open proxy.

  • Enables or disables categories from IPS protection.
  • Enables or disables individual signature to tailor IPS protection based on your network environment.
  • It can either detect or drop the connection. It generates the log and alerts the Network Administrator.

 

To detect such activities, IPSs uses Signatures. Whenever the matching traffic pattern with Signature is found, IPS triggers the alarm and blocks the traffic in reaching its destination. This global policy can be modified or tuned as per the requirement but cannot be tailored per network or per host. Enterprises can create custom signatures for branch offices through the Cyberoam Central Console(CCC). These enable enterprises with protection at branch offices by emerging network attacks despite of the lack of technical resources.

 

Cyberoam uses two modes for Signatures:

  • Drop mode: If any traffic matches the signature detected, it logsthe details, gives the alert to the Administrator and automatically drops the packets.
  • Detect mode: If any traffic matches the signature detected, it logsthe details and gives alert to the Administrator but does not take any action against the traffic and the connection proceeds to its intended destination.

 

As per the network requirements, it allows to define multiple policies instead of one global policy to decrease packet latency and reduce false positives. This security management system gathers and analyzes information from a network to identify security breaches, which includes misuse of attacks from outside the organization and misuse of attacks from within the organization. IPS prevents malicious activity like denial of service attacks, port-scans or attempts to crack into computers.

 

Once the policies and rules are in place, IPS examines all incoming and outgoing packets looking for matching signatures. All the detected signatures are logged and identified as IPS alerts.




Checking...

Ouch! There was a server error.
Retry »

Sending message...

Enquiry Form

Submit your contact details here...!!!

Spambot blocker question

2 + 9 =