Intrusion Detection IPS for the SnapGear SG565Router Sceenshot

Back to the SnapGear SG565

Screenshots from

SG565 - Intrusion Prevention Network Setup Network Setup DHCP Server Web Cache Shares QoS Traffic Shaping SIP Firewall Incoming Access Definitions Packet Filtering NAT Connection Tracking Intrusion Detection Access Control Antivirus Antispam VPN PPTP VPN Client PPTP VPN Server L2TP VPN Client L2TP VPN Server IPSec Port Tunnels System Date and Time Backup/Restore Users Management Diagnostics Advanced Help and Support Copyright (C) 1999-2008 Secure Computing Corp. All rights reserved. Intrusion Prevention IDB Snort IPS Intrusion Prevention Intrusion prevention is an attempt to actively scan and remove network traffic that appears to have suspicious content. For this, the firewall subsystem of your SnapGear unit uses the snort packet matching engine and when a snort rule matches a packet stream, the stream is rejected and dropped. This differs from snort configured for intrusion detection where the same packet stream would merely be flagged as suspicious and let pass. Enabled Use less memory Snort has a number of different rule sets which can be enabled and disabled individually. Each additional rule set that is enabled provides more triggers for Snort to report upon and, in general, slows down Snort's performance and consequently the performance of this SnapGear unit. Rule set bad traffic exploit scan finger ftp telnet rpc rservices dos ddos dns tftp web (cgi) web (coldfusion) web (iis) web (frontpage) web (misc) web (client) web (php) sql x11 icmp netbios misc attack responses oracle mysql snmp email (smtp) email (imap) email (pop2) email (pop3) news (nntp) other ids web attacks backdoor shellcode policy pornography info icmp info virus chat multimedia p2p experimental  
Home > Screenshots > SnapGear > SG565 > Intrusion Detection IPS