The new IPS automatically senses and responds to threats in real-time across multi-vendor wired and wireless networks. Rather than restricting IPS visibility and control to a subset of network connections, IPS proactive protections are extended to every LAN edge access port and all WLAN 802.11 frequencies to detect threats, mitigate or stop any attack and, most importantly, automatically contain and/or remove the source of the threat from the network.
The solution integrates with switches and intrusion detection/prevention appliances from multiple vendors to leverage existing infrastructure investments while automating responses to security incidents.
Network security needs to be built-in everywhere, rather than bolted-on somewhere. Enterasys advanced security software delivers fully distributed protection from both internal and external threats without having to deploy appliances on every wire. Rather than just telling you that a threat exists – Enterasys makes it easy to immediately remove the threat from any multi-vendor network without impacting performance.
IT operations can avoid the performance bottle-neck and scalability limitations of traditional in-line IPS appliances by deploying Enterasys Distributed IPS. Unlike traditional IPS solutions that cannot provide critical threat identification, location, containment, and removal capabilities; the Enterasys Distributed IPS solution removes the source of the attack’s access to the network and reconfigures network devices from Cisco, Enterasys, Foundry, HP ProCurve, Juniper, Nortel and other vendors to prevent future access.
Depending on the capabilities of existing switches, automatic responses can range from throttling inappropriate traffic and/or blocking individual user/device access (for Enterasys policy-enabled switches), assigning packets to a quarantine VLAN (for all RFC 3580 compliant switches) or turning off the port (for any SNMP MIB II compliant switches).
The Enterasys Distributed Intrusion Prevention System is the industry’s first comprehensive IPS solution to cost-effectively address real-world operational requirements by:
Identifying a vulnerability, threat or security event Mitigating an attack by dropping the attack packet(s) Reporting the details of the attack Locating the exact physical source of the attack Containing the threat by removing the source from the network.
Enterasys Distributed IPS can also play a key role in post-connect Network Access Control (NAC) for continuous threat analysis, network behavioural analysis and deep packet inspection to assist in data leakage protection. Deploying the Enterasys Distributed Intrusion Prevention System reduces the exposure of IT resources to internal and external threats due to targeted business disruptions, opportunistic predators, or accidental malware infections. When dealing with fast-propagating threats to the enterprise like malware, time is of the essence. It is imperative to react quickly and effectively in mitigating a threat to prevent critical business processes from being impacted, ensuring continuity of operations, and reducing overall risk to the business.
|
