What is Intrusion Detection And Prevention?

Zyxel_Stanley Posts: 1,366  Zyxel Employee

Today’s networks are under attack from an ever-expanding array of threats - viruses, malware, and other exploits. Hackers are increasingly adept at avoiding detection, and unlike with automated threats like viruses, the goal of these intrusions is often the theft of specific personal or financial information. For this reason, users need more reliable safeguards to protect private data.

ZyXEL Intrusion Detection and Prevention (IDP) provides a high-performance deep packet inspection engine to examine all incoming and outgoing traffic - including SSL traffic - for protocol deviations, content that signals an attack, or policy violations. ZyXEL IDP can operate in detection and prevention modes to defend operating systems and shield enterprise application vulnerabilities. ZyXEL IDP protects web applications from application-layer attacks including SQL injection and cross-site scripting.

Detailed events provide valuable information, including who attacked, when the attack occurred, and what the attacker attempted to exploit. Administrators can be automatically notified via alerts when an incident occurs. Deep packet inspection is used for intrusion detection and prevention, web application protection, and application control.

ZyXEL IDP service helps enterprises achieve timely security against known and zero-day attacks while fully safeguarding a network environment by providing anomaly traffic detection and prevention. It guards against evasion intrusions by blocking well-known Trojan horses and back door applications that can infiltrate your internal network.

 Benefits

  • Virtual patching: Shields vulnerabilities before they can be exploited and eliminates the operational pains of emergency patching, frequent patch cycles, and costly system downtime
  • Zero-day security: Protects against zero-day vulnerabilities while minimizing operational impact from resource inefficiencies and emergency patching
  • Cost-effective solution: Provides network-wide protection for all users configured behind the firewall with a single IPS subscription

 Prevent Data Breaches

  • Immediately protects against vulnerabilities like Shellshock or Heartbleed
  • Blocks malware that attempts to evade detection
  • Ensures cloud servers only communicate with approved systems and safe domains
  • Detects and alerts you to suspicious or malicious activity

 Multiple layers of connected threat protection

This IDP service integrates security across protection layers with flexible cloud deployment, centralized management for network-wide visibility, and control of threats and data. The following layers of security are included:

  • Endpoint security: Secure user activity on desktops, laptops, or mobile devices with threat and data protection, application control, vulnerability protection, and encryption.
  • Mobile security: Secure, track, monitor, and manage your employees’ mobile devices and company data with mobile security that balances consumerization with IT control.
  • E-mail and collaboration security: Get superior protection against spam, phishing, malware, and targeted attacks.

 Continuous defense for superior protection

ZyXEL Intrusion Detection and Prevention (IDP) is designed to provide layer 7 application management covering well-known network application categories, such as social networking, games, productivity, and other web-based applications and behaviors. ZyXEL’s database supports over 3,000 categories and updates an ever-changing variety of applications with repeated collection, analysis and inspection of flow cycle.

 Full coverage of network threats

ZyXEL Intrusion Detection and Prevention (IDP) supports layer 7 context-aware threat analysis, as well as behavior analysis, for detection of encrypted threats and applications to protect against both client-side and server-side vulnerabilities. The IDP signature can identify a wide variety of malware threats and attacks such as Trojans, backdoor applications, and DoS/DDoS attacks, as well as other security hazards. We provide full protection, whether facing anomaly-based or vulnerability-based threats.

 Threat Prevention with SSL Inspection

Secure Sockets Layer (SSL) encryption has seen extensive worldwide proliferation, with many popular Web and cloud-based services like Dropbox and Gmail offering users the ability to have their entire sessions encrypted. Unfortunately, attackers are also turning to encryption to evade detection, increasing the prevalence of malicious activity. Enterprises now face the challenge of how to inspect incoming and outgoing traffic for threats under SSL encryption.

SSL inspection is the key to protecting your network from these threats. ZyXEL IDP service supports SSL inspection, helping to scan the content at a URL accessed over SSL to apply policies and detect malware and viruses at the URL level. This action blocks threats that are hidden in SSL encrypted connections and facilitates deeper policy enforcement.