Intrusion Detection and Prevention (IPS)

IPS is intrusion detection and prevention system. It examines the packets passing through internet traffic and can detect and block traffic that is associated with their signatures. Click here for detailed information about IPS signatures.

IPS

image

Intrusion Detection and Prevention (IPS) New Record

image

Field Description
Sequence No The order is defined for the rule.
Status Choose either active or passive as status.
Scope The IP address (s) to which the rule will be applied are written.
Description Enter description.

Clicking the “Pre-Defined Signatures” button, which is determined by the red field in the image below, details of signatures and signature “Actions” can be specified.

image

image

Field Description
Class Type IPS signatures are divided into 29 different class types and can be filtered and selected according to the class type.
Signature Status Default active or passive signatures can be filtered.
Platform IPS signatures of 11 different platforms can be filtered.
Signature Display Enabled and Disabled signatures can be filtered. If the signature is selected, the selected signatures can be filtered with the Enable option.
CVE CVE (Common Vulnerabilities and Exposures), It is a vulnerability dictionary available to the public and can be filtered with CVE codes and precautions can be taken.
Category It is categorized according to the properties of IPS signatures such as domain and can be filtered among these categories.
Policy Security, such as the most detected, policy information can be filtered.
Flow Wherever the flow direction will be; to_server or to_client is selected.
MS Vulnerability It can be filtered to prevent vulnerabilities caused by “MS code”.
Severity IPS signatures can be filtered as high, medium and low severity.

Clicking the “User Defined Signatures” button, which is determined by the red field in the image below, details of signatures and signature “Actions” can be specified.

image

image

Field Description
User Defined Signatures in which users are defined manually can be filtered and selection can be made.
Signature Display nabled and Disabled signatures can be filtered. If the signature is selected, the selected signatures can be filtered with the Enable option.

ePati Cyber Security Co.

Mersin Üniversitesi Çiftlikköy Kampüsü
Teknopark İdari Binası Kat:4 No: 411
Posta Kodu: 33343
Yenişehir / Mersin / TURKEY

Web: www.epati.com.tr
e-Mail: info@epati.com.tr
Tel: +90 324 361 02 33
Fax: +90 324 361 02 39