» IDS/IPS
Stateful Firewall
URL Filtering
Antivirus
Antispam
Products
White Papers
Data Sheets
Case Studies
Support Login
Locate a Partner

 
Solutions
 

Intrusion Detection/Prevention System

To implement a successful security strategy, enterprises have to plan not only for known information on security threats, but also for new and unanticipated
threats known as “day-zero” attacks. The iPolicy Intrusion Prevention Firewalls protect against day-zero attacks by using traffic, session and protocol anomaly detection techniques along with behavioral worm detection. Combined with a
powerful intrusion prevention system that allows dynamic hardening of the Firewall and/or session /bandwidth limiting, this provides protection even against new attacks not yet in the Intrusion detection signature database.


There are more than 2,850+ attack and worm signatures available today from iPolicy Networks and this list is continuously updated. There are more than 1000 IPS signatures which provide protection against a wide variety of intrusion attempts.

The intrusion detection and prevention function in the iPolicy Intrusion Prevention Firewalls analyzes traffic and each packet for known attack and vulnerability signatures as well as traffic, session, protocol and behavior anomalies. The iPolicy series includes in-line traffic blocking functionality, which allows the intrusion prevention sub-system to prevent harmful traffic from entering the network.

Key Features and Benefits

iPolicy Intrusion Detection

  • Comprehensive attack detection
    • ~2850+ well categorized Signatures
    • Worms and Viruses
    • Vulnerability based detection
    • Known exploits
    • Protocol anomaly detection
    • Traffic anomaly for DoS/DDoS Detection
  • Custom Signatures
    • Fine grained parametric tuning of signatures
    • Support for custom signature language
  • Correlation
    • RVC for false positive reduction and better accuracy Protection from attacks, worms and malware
  • Centralized management for IDS
    • Configuration, monitoring and reporting
    • Disruption-free automated download of signature updates
  • Deployments
    • Inline – transparent and gateway
    • Tap-mode and Single-Arm
  • Network segmentation
    • VLAN, subnet, group of IPs
    • VLAN support in both transparent and gateway mode
    • Virtualization support in both transparent and gateway mode

iPolicy Intrusion Prevention

  • Real-time intrusion prevention
    • Critical for worms and network attacks
  • Suite of active response actions for most suitable mitigation (per signature)
    • Silent packet drop
    • Reset (TCP)
    • Dynamic firewall hardening
    • Session rate control for DDoS protection
    • Bandwidth control for DDoS protection
  • Correlation
    • Dynamic firewall hardening
    • RVC for better accuracy of intrusion prevention
 


iPolicy Security Manager (ISM)
 
iPolicy Security Manager Express (ISME)
 

Home | About Us | Products | Technology | Solutions | Support | Partners | News & Events | Resources | Contact Us
Copyright ©2008 iPolicy Networks - Security Products Division of Tech Mahindra Limited | Privacy Policy | Site Map