The NetScreen Intrusion Detection and Prevention
(IDP™) system was developed to help you
effectively protect your critical network assets by
accurately detecting attacks,
stopping the attack impact and
delivering simplified security management. The
innovative technology of NetScreen-IDP provides the
next layer of security, complementing firewalls and
VPNs to protect against attacks in network traffic.
The following information describes the benefits of
NetScreen-IDP:
- Drop malicious packet during the detection
process using patent-pending technology
- Eliminate impact of attacks
- Control over functionality with centralized
rule-based approach
- Reduce management overhead with integrated
incident management
Most people think network intrusions just happen to
other people. The reality is network attacks affect everyone. It is inevitable
that your network will be attacked, and you can be
sure the attackers will try all sorts of different
tricks to compromise your systems. Are you prepared?
A
firewall is a start. It is an access control
device that determines which traffic is allowed in
and out of your network, based on predefined rules.
The firewall uses these rules to determine what is
"allowed," based on the source, destination and
service of the traffic. Some firewalls, such as
NetScreen's firewall solutions, have added some
attack detection and prevention capabilities,
protecting against Denial of Service attacks and
some network layer exploits. However, firewalls are
simply not designed to do in depth, packet analysis
to look for all types of network and application
layer attacks.
Plus, there are some attacks that the firewalls
will never see because they circumvent security
measures. For instance, a remote user may bring
their laptop from home into the office and introduce
a Trojan that is undetectable at the point of entry.
Whether it is an internal or external attack, you
can't afford to remain unaware and vulnerable.You
need attack detection and prevention. In order to
keep your information assets safe, your firewall
must be complemented with the NetScreen-IDP system.
NetScreen-IDP is the only device that provides
complete and accurate attack coverage
prevents
an attack from ever impacting your network.
NetScreen invented the Multi-Method Detection (MMD™)
mechanism to combine multiple detection mechanisms
in a single product for comprehensive coverage. In
addition, NetScreen-IDP uses these detection
mechanisms in an intelligent manner, automatically
using the most efficient method to detect each type
of attack and looking in only the relevant portions
of traffic where an attack can do damage to reduce
the chance of any false alarms. As soon as the
attack is detected, NetScreen-IDP can drop it (if
you have told it to do so in the security policy) to
eliminate its impact on the network.
-
NetScreen-IDP is easy to deploy, configure and
manage. It provides an intuitive graphical user
interface, with integrated policy editor, log
viewer and traffic session viewer. This integrated
approach allows the administrator to control and
manage multiple sensors across the enterprise in
an efficient and cost-effective manner. And since
all management activities can be accessed
remotely, using a single security policy,
administrators can quickly change security
policies and investigate security incidents.
-
The purpose built NetScreen-IDP offers the
industry's first 3-tiered architecture, where
sensor behavior is controlled by a remote
graphical user interface, all system configuration
and data is stored in a central management server,
and attack detection and prevention is controlled
by distributed enforcement points.
-
NetScreen-IDP provides the highest level of
traffic processing and alarm presentment
available, delivering fast and efficient alarm
collection, presentation and forwarding.
|
