Active Protection Software |
The Active Protection System (APS) from CounterSnipe is a combination of Intrusion Prevention software, host/application discovery, vulnerability detection and intelligent alert management.
APS provides you with maximum visibility and control over traffic entering and leaving your environment. It is a powerful and flexible suite of software that can be configured either as an Intrusion Detection System (IDS), passively sniffing for unauthorised traffic, or as an Intrusion Protection System (IPS) that will actively prevent unauthorised traffic from entering your environment.
The APS identifies hostile traffic in real time by matching signatures of known attacks and then takes action against the attack as specified by you. These actions range from dropping or rejecting traffic (close the connection) to alert you to the presence of the malicious packets. A total of nine different actions are available to provide you with a truly flexible incident response.
Click here for more on pre-installed and configured appliances
|
Immediate benefits to your organization
The APS?s easy to navigate management interface helps you quickly identify and quantify your network security risk by providing you with reliable intelligence as to the nature and frequency of identified hostile traffic entering or leaving your environment. With that intelligence you can take the APS one stage further and remove hostile traffic from your environment by rejecting it and providing visibility of the event through alerts and reports. In this way the APS augments your Incident Response capability by automating the attack response rather than depending on human operators after the act.
Overall the APS will help reduce the work load on your security management team by saving their time for incidents that represent high risk rather than require them to deal with unqualified risks.
Ultimately the APS reduces your risks in a quantifiable manner (you can actually see how much bad traffic was removed from your environment) thereby saving you real money.
The APS provides one of the best cost to benefit ratios of all security controls for you to quickly improve your security visibility and posture.
Technology
At the APS?s heart lies the Snort
high performance rules-based detection engine. Snorts open source language combines, signature, protocol and anomaly-based routing inspection methodologies to provide you with a customized framework for defining what unacceptable traffic on your network is.
But raw performance on its own is not enough, which is why the APS combines Snort?s performance with a powerful custom built management console and graphical user interface. The APS provides integral event and data management across multiple sensors in a resilient scalable framework. To provide the best possible foundation for these applications the APS is also available pre installed on your choice of appliance (APD). APD is optimized, hardened and tested to provide high performance and security. The APDs have been designed to fit into your default Disaster Recovery architecture and fault tolerance and load sharing architectures are available.
The APDs can be configured to handle upto 8 Gbps across multiple number of ports. |
|
