Identify and stop worms, exploits and other attacks.

By peering into the network’s approved traffic, Astaro’s Intrusion Prevention System (IPS) can separate the good traffic from the hazardous traffic and keep your network safe from outside assaults. For businesses that do not run their own servers, Astaro’s Intrusion Prevention System can stop an already-infected-machine from threatening others on an associated network.

Descriptions & Screenshots Intrusion Prevention


An Intrusion Prevention System (IPS) can identify and stop many threats, exploits, back-door programs, and other attacks as they pass through the device. An IPS can strongly bolster a firewalls security policy by helping ensure that traffic which is allowed to pas s via the firewall rule policy is further inspected to make sure it does not contain unwanted threats.

Even with good patching practices, a company can find itself faced with a threat that affects its systems and resources. It is in these situations that IPS can often shine, as patterns to catch the threat are released before an official update or patch is made available – protecting the business during this crucial period. Astaro’s IPS is a deep-packet-inspection system which peers inside the traffic packets as they pass through the installation, and can remove certain packets which contain undesired contents that are matched against a deployable rules list of over 8000 patterns. This signature list of patterns is live-updated every few minutes and constantly adapts and evolves to keep you protected from threats as they emerge and spread.


 

Available Platforms

Astaro Security Gateway Hardware Appliances

Astaro Security Gateway Hardware Appliances

Our hardware appliances are purpose built, high-performance security devices. They integrate Astaro’s security applications with a hardened Operating System on optimized Intel-compatible server systems that cater to every business size. This section details the series of Astaro Security Gateway hardware models available.

Astaro Security Gateway Software Appliance

Astaro Security Gateway Software Appliance

Our software appliances include the operating system and all security applications bundled within a single software image. While offering the same capabilities as the hardware platform, they can be easily installed on your hardware of choice – maximizing deployment flexibility. The Astaro Security Gateway software appliances are much easier and faster to set-up than software applications that require the installation of an operating system in advance.This section details the security applications available, technical information and deployment scenarios.p

Astaro Security Gateway Virtual Appliance for VMware

Astaro Security Gateway Virtual Appliance for VMware

Our virtual appliances include a software appliance which has already been pre-installed and pre-configured for VMware environments. Being the first unified threat management product that has been certified as “VMware Ready”, it allows for the secure and easy deployment of an "all-in-one" security solution within a virtual environment. This section details the security applications available, technical information and deployment scenarios.

 


 

Technical Information

Astaro’s Intrusion Prevention System stops intruders and protects against even the most sophisticated threats by integrating fast and reliable pattern scanning technologies:

  • Identifies and Blocks Application and Protocol Related Probes and Attacks through Deep Packet Inspection
  • Database of over 8,000 Patterns and Rules Including:
    • Probing, port scans, interrogations, host sweeps
    • Attacks on application vulnerabilities
    • Protocol exploitations
  • Intrusion Detection and Prevention
    • Notify administrator and/or block traffic immediately
  • Powerful Management Interface
    • One click to enable or disable complete rule sets e.g. for email- or webservers

This feature is included within the optional Network Security subscription.