Securing You
Cyberoam banner NU banner
CALL US:  0800 085 6661
CERTIFICATION »
IPv6 Ready
IPv6 Ready

Checkmark
UTM Level 5 Checkmark Certification

ICSA Certified
ICSA Labs Certified Firewall

AWARDS »
Review
Network Products Guide - Best Products and Services 2008 2007 Global Excellence Awards
WHITEPAPERS »
Whitepaper
Winning the Battle for Bandwidth

Whitepaper
Whitepaper
IDC - UTM APPLIANCES & IDENTITY BASED SECURITY

Whitepaper
 

INTRUSION PREVENTION


Attackers are increasingly turning to highly targeted external and internal attacks. Sometimes, these attacks are so highly focused, that they target just the key individuals with access to enterprise resources. With many attacks being too small to fall within the anti-virus and anti-malware radar, enterprises are turning to advanced IPS engines for zero-hour protection.

Cyberoam's Intrusion Prevention System (IPS) solution provides powerful protection by blocking intrusion attempts, protecting against malware, Trojans, DoS attacks, malicious code transmission, backdoor activity and blended threats. It is a subscription service, offering the most comprehensive, zero-hour protection to enterprises in combination with the Cyberoam firewall, gateway anti-virus and anti-spyware, anti-spam and content filtering services.

Key Features

  • Multiple and Custom
    IPS policies
  • Identity-based policies
  • Automatic real-time updates
  • Identity-based intrusion
    reporting

Comprehensive Protection
Cyberoam IPS supports multiple protocols — HTTP, FTP, SMTP, POP3, IMAP, P2P and IM - and automatically detects, blocks or drops suspicious traffic. The Intrusion Prevention system delivers application and network-layer protection with more than 3000+ inbuilt signatures which are automatically updated.

Identity-based IPS Policies and Reporting
The Cyberoam UTM is unique in providing multiple IPS policy creation, enabling enterprises to customize policies per user or group rather than create blanket policies. In the process, it eliminates false positives that occur with blanket policies. With the multi-policy support, enterprises can define identity-based policies that restrict access, or provide limited access to applications, including IM and P2P.

Cyberoam's Intrusion Prevention offers user identity-based alerts and detailed reporting based on the username for both inbound and outbound traffic. Enterprises gain easy visibility into applications with user name, source, destination, period and extent of usage, enabling them to zero in on rogue users and systems easily. In addition to a dashboard report that gives an enterprise-wide overview of threat status, detailed IPS reports by Cyberoam Intrusion Prevention System giving Top alerts, Top attackers, Top victims as well as alerts with usernames and attack severity facilitate instant corrective action by enterprises in case of an intrusion.

Zero-Hour Protection
Cyberoam's Intrusion Prevention System supports custom signatures, allowing enterprises to create their own signatures for zero-hour protection, preventing targeted attacks unique to the enterprise. The IPS signature database also includes HTTP proxy signatures that prevent masking of users surfing through an anonymous open proxy.

Centralized Security
Enterprises can centrally create custom signatures for branch offices through the Cyberoam Central Console (CCC). The IPS policies can then be centrally pushed across distributed networks, enabling enterprises to enjoy zero-hour protection at branch offices against emerging network attacks despite the lack of technical resources at these locations.

 

Request an Evaluation Unit

For price quote or further product detail, contact us