
Intrusion Detection and Prevention (IDP) & Application Patrol
Security Service
Today’s networks are under attack from an ever-expanding array of threats -
viruses, malware, and other exploits. Hackers are increasingly adept at
avoiding detection, and unlike with automated threats like viruses, the
goal of these intrusions is often the theft of specific personal or financial
information. For this reason, users need more reliable safeguards to protect
private data.
Zyxel Intrusion Detection and Prevention (IDP) provides a high-performance
deep packet inspection engine to examine all incoming and outgoing traffic -
including SSL traffic - for protocol deviations, content that signals an attack,
or policy violations. Zyxel IDP can operate in detection and prevention modes
to defend operating systems and shield enterprise application vulnerabilities.
Zyxel IDP protects web applications from application-layer attacks including
SQL injection and cross-site scripting. Detailed events provide valuable
information, including who attacked, when the attack occurred, and what the
attacker attempted to exploit. Administrators can be automatically notified
via alerts when an incident occurs.
Managing employees who waste too much time on non-work related
applications can be a major challenge for businesses. Administrators face
losing not only productivity, but network bandwidth to unrestricted Internet
use. Zyxel Application Patrol, which leverages the Deep Packet Inspection
module, controls employee network use and covers 19 categories of applications,
allowing businesses to customize management protocols based on specific
applications and behaviors.
Virtual patching: Shields vulnerabilities before they can be exploited and eliminates the operational pains of emergency patching, frequent patch cycles, and costly system downtime
Cost-effective solution: Provides network-wide protection for all users configured behind the firewall with a single IPS subscription
Granular and precise: Identifies and controls thousands of applications and their behaviors
Flexible bandwidth: Various control modes including Prioritize, BWM (bandwidth management), and Block
IDP Benefits
Threat prevention with SSL inspection
Secure Sockets Layer (SSL) encryption has seen extensive worldwide
proliferation, with many popular Web and cloud-based services like Dropbox
and Gmail offering users the ability to have their entire sessions encrypted.
Unfortunately, attackers are also turning to encryption to evade detection,
increasing the prevalence of malicious activity. Enterprises now face the
challenge of how to inspect incoming and outgoing traffic for threats under
SSL encryption.
Datasheet IDP & Application Patrol

SSL inspection is the key to protecting your network from
these threats. Zyxel IDP service supports SSL inspection,
helping to scan the content at a URL accessed over SSL
to apply policies and detect malware and viruses at the
URL level. This action blocks threats that are hidden in
SSL encrypted connections and facilitates deeper policy
enforcement.
Continuous defense for superior protection
Zyxel IDP service provides weekly signature updates
to all subscribed appliances. Signatures are updated
without interruption as new threats emerge, so you
never have to leave your network exposed. The ability
to import customized signatures is also provided for
networks with specific defense needs.
Full coverage of network threats
Zyxel IDP service supports layer 7 context-aware threat
analysis, as well as behavior analysis, for detection of
encrypted threats and applications to protect against
both client-side and server-side vulnerabilities. IDP
signatures can identify a wide variety of malware threats
and attacks such as Trojans, backdoor applications,
and DoS attacks, as well as other security hazards. We
provide full protection, whether facing anomaly-based or
vulnerability-based threats.
[Figure labels, threat categories: DoS, Access Control, Buffer Overflow, Scan]
Application Patrol Benefits
Continuous strengthening and precise categorization
Zyxel Application Patrol is designed to provide layer 7
application management. Its categorization covers well-known
network applications such as social, gaming, productivity,
and other web applications and behaviors. The Zyxel database
supports thousands of applications and their behaviors.
As applications keep growing and changing, our operation
works in a repeating cycle of collecting, analyzing,
inspecting, and verifying.
[Figure: Application Signature Development Flow. Labels: Application Collection, Install, Playback, Analyze, Double Verification, Beta-Site Deploy, Release]
[Figure labels, threat categories: Trojan/Backdoor, Web Attack, Malware, Others]