NIP2000D/5000D series IDS products are a new generation of intrusion detection products independently developed by Huawei, whose function is to help users locate various intrusion detection products.
Network threats, as well as traffic that violates security policies, and provide detailed and effective guidance measures, so as to realize the integration of protection, detection and response.
The solution of. NIP intrusion detection system (IDS) integrates a variety of new generation detection technologies, and insists on "comprehensive detection, accurate analysis, multiple
The IDS product concept of "face-to-face display" is a right-hand man for users to improve their security capabilities and improve their security measures.
Prospective comprehensive detection technology
NIP system adopts a variety of advanced detection technologies to effectively defend against various known or unknown threats:
Using intelligent protocol identification technology, different applications and protocols can be automatically distinguished without manually setting protocol ports; Vulnerability-based detection technology,
And detection technology based on attack characteristics, real-time detection and defense of various known attacks: vulnerabilities, worms and trojans. Protocol exception
Detection, traffic anomaly detection and heuristic detection technology can effectively find unknown vulnerabilities and attacks caused by malware. NIP products hui
Extract various intrusion detection technologies, the most important of which is vulnerability-based detection, which can effectively prevent threats caused by vulnerabilities, such as overflow.
Attacks, worm infections, etc. Compared with the traditional attack feature detection, it does not produce false positives, and can better resist attacks using evasive techniques.
Behavior.
Comprehensive detection: covering network, server, terminal and application.
Provide the detection ability of traditional IDS: vulnerability attack, Web application attack, worm, Trojan horse and other malicious software, network layer DoS, etc. Designed to increase
Internet client attacks overflow (browsers, media files, various document formats, etc. ), providing the most professional testing; Respond to the growing
The application layer denies service attacks and provides leading early warning capabilities (HTTP, DNS, SIP, etc. ); Strong sense of application, identifying applications.
1200+ to help users access the real state of the network. More than 200 security researchers first discovered this attack with their ability to track vulnerabilities distributed around the world.
To provide timely signature upgrade. Easy to deploy
NIP products are pre-configured with mature default security policies, providing zero-configuration online security protection out of the box. This default policy depends on.
Advanced engine technology and high-quality vulnerability-based signature provide high-precision threat detection capability without manual optimization and adjustment.
Multi-faceted presentation: easily determine the response mode
Detailed alarm information, and provide targeted response guidance measures; Attacks can be recorded to help users understand hacking behavior more clearly.
Process and collect certificates. Dozens of various security reports allow users to easily grasp the internal security situation and trends; NIP products offer a variety of products.
Predefined strategies can be selected by customers, which can meet the needs of customized strategies. NIP manager has rich log statistics reporting functions, from
The real-time status and historical information of the network, the ranking of detected attacks and the trend of traffic are comprehensively displayed with different granularity and dimensions. convenient to use
Users can know the health status of the network at any time and give guidance on network reinforcement and IT activities.