Network security

As illustrated by the "Swiss cheese model", any network, no matter how well protected, is susceptible to intrusion. Many systems, such as IDS, IPS, firewalls and antivirus programs, provide protection against known vulnerabilities.

When an attack penetrates these systems, however, there is little chance that the source and effect of the attack are discovered in time.

With the ability to scan the full payload at duplex 10 Gbit/s and track thousands of patterns and signatures, Netlogger can disclose botnets and malicious traffic before threats evolve to a critical level.

Adding Netlogger to your network gives you a powerful tool to respond to attacks before they become effective and spread to other parts of your service or to your customers.
By setting policies, ranges and thresholds for the accepted level of traffic by volume, geographic origin and packet content, Netlogger gives you an early warning when your service is experiencing trouble. When unexpected events occur, Netlogger will direct firewalls and IPSs to block the malicious traffic for a desired period of time.


Denial of Service

Denial of service from packet streams using legitimate types of traffic is almost impossible to detect using traditional defence methods. With Netlogger, irregularities and sudden changes in the network traffic are constantly monitored and selectively reacted upon.

Content Watch - SQL injection Attacks

Viruses infecting web pages via SQL injection attacks are a growing concern, as they infect legitimate sites and spread via the visitors.
The Trojan called "Asprox" is one example, where the malicious code exploits vulnerabilities in Microsoft server and propagates to new hosts, eventually attempting to install phishing/password-stealing code like Danmec onto the visiting computer. Netlogger can protect web sites against such attacks by:

  • Monitoring the static content of the web servers and issuing alarms if the transmitted content has been changed
  • Automatically closing a web service or reconstructing the original content if a page has been attacked and changed
  • Passively logging all data transmitted to and from the web servers, to retroactively disclose what was changed, how, and by whom
  • Constantly monitoring the traffic flowing on the network and issuing an alarm if the nature or volume of the traffic is changing, indicating that an attack is in progress or servers are malfunctioning
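
The first bullet (an alarm when transmitted static content no longer matches what was published) can be sketched as a hash baseline plus a line diff that shows what was added. This is an added example, not Netlogger code; the function names, paths and sample pages are constructed for illustration.

```python
import difflib
import hashlib

# Constructed known-good copies of static pages (normally taken at deploy time).
KNOWN_GOOD = {
    "/index.html": b"<html>\n<body>\n<h1>Products</h1>\n</body>\n</html>\n",
    "/about.html": b"<html>\n<body>\n<p>About us</p>\n</body>\n</html>\n",
}

# Constructed response bodies as seen on the wire; /index.html carries an injected tag.
OBSERVED = {
    "/index.html": b"<html>\n<body>\n<h1>Products</h1>\n"
                   b"<script src=\"http://injected.example/x.js\"></script>\n"
                   b"</body>\n</html>\n",
    "/about.html": KNOWN_GOOD["/about.html"],
    "/new.html": b"<html></html>\n",
}

def digest(body):
    """SHA-256 of a response body, used as the baseline fingerprint."""
    return hashlib.sha256(body).hexdigest()

def build_baseline(pages):
    """Map each path to the digest of its known-good body."""
    return {path: digest(body) for path, body in pages.items()}

def added_lines(known_good, observed):
    """Lines present in the observed body but not in the known-good copy."""
    old = known_good.decode("utf-8", "replace").splitlines()
    new = observed.decode("utf-8", "replace").splitlines()
    return [l[2:].strip() for l in difflib.ndiff(old, new) if l.startswith("+ ")]

def scan(observed_pages, known_good=KNOWN_GOOD):
    """Return one alert per page whose body differs from, or lacks, a baseline."""
    baseline = build_baseline(known_good)
    alerts = []
    for path, body in sorted(observed_pages.items()):
        if path not in baseline:
            alerts.append({"path": path, "reason": "no baseline", "added": []})
        elif digest(body) != baseline[path]:
            alerts.append({"path": path, "reason": "content changed",
                           "added": added_lines(known_good[path], body)})
    return alerts

if __name__ == "__main__":
    for alert in scan(OBSERVED):
        print(alert)
```

The known-good copy kept for the diff is also what a restore step would write back when a page is found changed.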

Passive sniffer technology ensures the integrity of your data. No matter how your network is attacked, Netlogger will remain unaffected and enable you to recreate the exact chain of events and restore your data.

Deep Packet Inspection

True deep packet inspection enables Netlogger to search for and react to patterns and strings found at any protocol level and all the way through the content data. With 10 Gbit/s channel merging and back-logging, the full context of any stream can be monitored. When such data matches a predefined trigger or threshold, Netlogger can be set to issue commands to

  • Firewalls
  • Intrusion protection systems
  • Web Servers
  • Other Netloggers
or simply issue timely alerts to maintenance functions.

Swiss cheese model

