| Complete Application Security for the Enterprise and Data Centers |
|
- Web protection against IIS and Apache vulnerabilities
- Mail server protection against POP3, IMAP and SMTP vulnerabilities
- SQL injection and cross-site scripting
- SQL servers and DNS service protection against SQL and DNS vulnerabilities
- Remote access protection against Telnet and FTP server vulnerabilities
- SIP servers, proxies and IP phones protection against SIP protocol violations preventing shut downs, Denial of Service (DoS) and malicious takeovers
- Malware protection against worms, Trojan horses, spyware, phishing and backdoor attacks
|
|
| Advanced, Multilayer DoS/DDoS Flood Protection |
|
- Protection is provided against both known and unknown zero-day flood attacks
- Adaptive behavior-based DoS protection mitigates zero-day DoS/DDoS attacks in less than 18 seconds
- Protects against DoS attacks caused by a single packet or several packets, such as buffer overflows, Ping of Death and Land attacks
|
|
| Zero-day Worm Propagation Prevention |
|
- Using adaptive behavioral analysis, detects and prevents malicious activity created by advanced self-propagating network worms that use random or pseudo-random spreading techniques
- Ensures even "smart" mutating worms are handled quickly and persistently
|
|
| Proactive Prevention of Network Scanning and Pre-attack Probes |
|
- Detects and mitigates scanning activity that threatens to compromise your mission-critical systems
- Reconnaissance protection capabilities include mitigation of known and unknown scanning tools and all types of port scanning, including horizontal scans, vertical scans, stealth scans and ICMP sweeps
|
|
| HTTP Page Flood Protection |
|
- HTTP mitigator feature deploys the behavioral security technology to prevent HTTP page flood attacks that are often generated by malicious tools such as HTTP BOTs and HTTP page flooders
|
|
| Server-Crack Protections |
|
DefensePro® deploys adaptive behavioral technology to detect application-level pre-attack probes, misuse of authorization and DoS attacks including
- Brute Force and Dictionary attack protections for HTTP, FTP, POP3, IMAP, SIP, MS-SQL servers
- HTTP vulnerability scanning
- SIP spoofed Invite floods, SIP spoofed register floods and more
|
|
| End-to-End Traffic Shaping and Optimization Through Bandwidth Management and Access Control |
|
- Enables dynamic control of bandwidth end-to-end
- Guarantees or limits bandwidth per client, per session or per application
- Permits only predefined application traffic by controlling the access of traffic, per application ports, hosts and networks
- Allows controlling the bandwidth usage of peer-to-peer (P2P) applications to ensure adequate bandwidth for legitimate application traffic
|
|
| Centralized Security Management, Monitoring and Reporting |
|
- Customized security policies for each network segment
- Real-time dashboards to monitor top attacks, top attack sources and destinations and worm propagation activity
- Real-time traffic monitoring to observe normal traffic behavior and attacks volume mitigated
- Real-time security events monitoring and advanced forensics for examining historic network activity down to the packet level
- Pre-defined and customized executive reporting capabilities to support security decision-making and investments
|