Intrusion Detection and Prevention (IDP) is a defense against intrusion. It collects and analyzes information from several key points in a computer network or computer system, and checks for violations of security policies and signs of attacks on the network or system. As an active security protection technology, intrusion detection and defense provides real-time protection against internal attacks, external attacks, and misoperations. It intercepts and responds to intrusions before the network system is compromised. With detection and control as its technical essence, it plays an active defense role and is an extremely important part of network security.
LanGate UTM integrates functions such as intrusion detection and defense, virus filtering, bandwidth management, and URL filtering. It is the most advanced intrusion detection and defense system in the industry. Through layer-2 to layer-7 analysis and detection, the system blocks attacks and malicious behaviors such as viruses, worms, Trojans, spyware, and DDoS in real time. It also effectively manages non-critical services such as P2P and IM distributed across the network, to fully protect network applications, network infrastructure, and network performance.
Figure 1
Product Overview
High performance and high reliability
Based on the sustainable security platform, it integrates professional modules and uses multi-core processors so that IDP retains wire-speed in-depth detection and protection capabilities in a variety of high-traffic and complex application environments. Equipment redundancy can also be used to ensure uninterrupted normal operation of user services.
Convenient Management
It supports graphical management through the built-in LanGate Web interface, which is intuitive and convenient for unified monitoring, analysis, and policy management. Data can be exported in different formats to facilitate administrator operations.
Network Infrastructure Protection
Powerful protection against DoS, Flood, ARP, and other attacks. When a DoS attack or a large-scale virus outbreak causes a surge in network traffic, it can automatically detect and block the attacks and abnormal traffic, protecting internal systems, servers, and other network infrastructure from various malicious attacks and keeping key services running smoothly.
Refined Traffic Management
Accurately identifies P2P/IM, stock trading software, network multimedia, online games, and other applications, and can throttle or block traffic by time period, user (group), and application. Through refined bandwidth management, it helps users stop non-key applications from taking up valuable bandwidth and IT resources, which ensures reasonable allocation of network resources and quality of service for key services, and significantly improves the overall performance of the network.
Zero Time Difference Application Protection
LanGate can be updated online in real time with Kaspersky, a world-renowned security organization, to keep up with the latest attack technologies and trends. This provides customers with on-demand protection that blocks and responds to intrusions before the network system is compromised.
Powerful intrusion defense capabilities
LanGate uses multiple methods to protect servers from external attacks. IDP blocks all unauthorized connections and performs threat analysis on data to identify over 4000 attacks. Stateful Packet Inspection ensures that all packets are part of valid packets. Deep Packet Inspection technology ensures that all packets can be
Professional virus detection and removal
LanGate integrates Kaspersky Lab's Kaspersky Anti-Virus engine with a built-in professional virus database. Using second-generation heuristic code analysis, real-time monitoring, unique script virus interception, and other cutting-edge anti-virus technologies, the system can detect and kill a large number of file, network, and hybrid viruses in real time, and accurately detects and removes virus variants and unknown viruses.
With the rapid development of the Internet, attacks on networks are becoming more and more widespread. A computer that has just been connected to the Internet faces intrusion attempts within a few hours. In the traditional intrusion defense war, a network security administrator needs to fight against thousands of hackers or pieces of malicious code from all over the world, which often leaves the administrator exhausted. With LanGate UTM, the network administrator only needs to configure the system a few times, and may then be able to guard against attacks from various places by using the IDP system.
The LanGate UTM intrusion defense system therefore provides comprehensive security management. On the one hand, it centrally manages security events across the network and devices, standardizes and centralizes the data, and performs correlation and intelligent analysis to reduce the false positive rate and predict threats. On the other hand, it uses vulnerability scanning to determine in advance whether the system has known vulnerabilities, so as to prevent problems before they occur and establish a forward-looking security defense system.