The Network Box IDP (Intrusion Detection and Prevention) module, which is integrated with the firewall, scans network traffic at the application level, and seamlessly blocks malicious behavior with zero latency.
A comprehensive database of IDP signatures precisely matches and actively blocks known exploits. Protection against newly emerging threats is provided by a database of vulnerability, class-based signatures and heuristic (expert system) anomaly-based behavioral analysis.
The Network Box IDP system is updated in real-time, using high speed PUSH Technology, from the global network of Network Box Operation Centers.
- Intrusion Detection Engine: Zero latency, hybrid, multi-level approach that is tightly integrated with the firewall.
- Action: Active (blocks network traffic) and / or passive (logs intrusion attempts)
- Reporting: Real-time (on demand) and periodic (summary) by SMTP e-mail
- Types of Intrusion Detection: ICMP / IP, Denial of Service (DoS), portscans, protocol and application level.
- Just-In-Time and Heuristic Engines: Used to block uncharacterized attacks before they have a signature.
- Signatures: In excess of 2,500 (IDS) / 350 (IDP) - depending on configuration