Network Security Overview

Intrusion Prevention

Intrusion Prevention provides protection against current and emerging network level threats. In addition to signature-based detection, it performs anomaly-based detection whereby the system alerts the administrator to traffic that fits a specific attack behavior profile. This behavior is then analyzed to identify threats as they surface and generate new signatures that will be incorporated into the system.

Anti-Spam

Anti-Spam techniques detect and block spam. These techniques perform algorithmic validations of messages against known spam messages, complex reputation services capable of evaluating and tracking valid email sources and destinations, intelligent scanning to evaluate the validity of images and dynamic rules to allow messages to be evaluated based on content within each message. These techniques can be combined to identify and block spam with highly accurate filtering rates and to minimize false positives.

Web Filtering

An automation technology that works in conjunction with research teams to collect, analyze and categorize websites to provide real-time protection through website ratings and categorization.

Web filtering technology is a pro-active defense feature that identifies known locations of malware and blocks access to these malicious sources. It enables administrators to enforce policies based on website content categories to ensure that users are not accessing content that is inappropriate for their defined environment rule set.

Virtual Private Network

Virtual Private Network (VPN) technology provides secure communications between multiple networks and hosts, though both Secure Socket Layer (SSL) and Internet Protocol Security (IPsec) VPN protocols.

End-users can take advantage of low-cost public network infrastructures to extend their network reach while obtaining high-performance for their network traffic with comprehensive privacy and security.  Protection from malware that would be otherwise hidden from traditional security products, enforce the full complement of security and networking features.

Data Loss Prevention

Data Loss Prevention (DLP) technology provides the ability to define rules based on corporate policies, and consequently detect and prevent confidential data from being distributed outside the walls of the corporate network. Using inspection capabilities within these DLP, policies are able to identify and stop the transmission.

The appliance can detect unique applications regardless of the underlying protocol.  Many applications have migrated to high-performance communications and data privacy.  Benefits include the ability to enforce complete content inspection and multi-threat security as part of VPN communications.

Web-Based Interfaces

Web-based interfaces enable opportunities to carry additional malicious threats. By identifying the application based on the characteristics of the traffic and behavior, policies can be set to control which web applications are allowed or denied thereby reducing the opportunity for both known and new potentially malicious applications to penetrate the infrastructure.

Traffic Shaping Technology

This technology helps user's control network traffic in order to optimize or guarantee performance, low-latency, and/or bandwidth. The firmware offers packet classification, queue disciplines, policy enforcement, congestion management, quality of service (QoS), and fairness. Since network bandwidth is a limited resource, traffic shaping helps businesses prioritize and manage costly network services. When managed intelligently, traffic shaping improves your latency, service availability and bandwidth utilization without any drawback due to lower priority bandwidth intensive multimedia or peer-to-peer network traffic.

To learn more about network security, please click here.