Category:
Intrusion Detection System (IDS)
Modification:
Hardware
Virtual Appliance

Unauthorized access to computer networks is becoming a global threat, with increasingly diversified types and methods of intrusion. This is why an intrusion detection system (IDS) is an essential component in the security infrastructure of any company.    

ViPNet IDS NS will enhance the security of your information systems, data centers, workstations, servers, and telecommunication equipment to the required degree.   

ViPNet IDS NS is an effective and reliable intrusion detection system for corporate networks. The basic feature of the IDS is dynamic network traffic analysis on multiple layers of the OSI model, from the channel layer to the application layer.

ViPNet IDS NS immediately detects an intrusion and helps you mitigate its spread. When an intrusion is detected, the system registers an event, identifies the attack, and notifies the administrator immediately.


Use Cases

ViPNet IDS NS, together with other ViPNet products, facilitates the following:

  • Detects intrusions into an information system, helping you to mitigate their possible consequences.
  • Increases the security level of information systems, data centers, workstations, servers, and telecommunication equipment.
  • Determines the causes of cyber incidents.

Network connection

ViPNet IDS NS is connected to the network of controlled information systems via a T-shaped connection (a switch with a span-port or a TAP device). Traffic passing through the switch is mirrored and then transferred to ViPNet IDS NS.  Thus, ViPNet IDS NS does not affect traffic.

Management

  • You can manage ViPNet IDS NS both remotely via web access and locally, via Linux console.
  • You can assign different permissions to the appliance’s administrators according to a role model.

Attack detection

  • Detects network attacks almost in real time.
  • Detects network attacks using a signature-based and heuristic method of abnormal network traffic detection.
  • Supports 1 Gbps and 10 Gbps network interfaces.
  • Uses a monthly-updated database with more than 20,000 detection rules.

Attack logging

  • Logs detected events and attacks for further analysis.
  • Registers, displays, and exports IP packets with the registered events (attacks) into a PCAP file for further analysis using third-party software.
  • Exports information about registered events to the ViPNet StateWatcher monitoring system.

Management and analysis

  • Has an intuitive graphical user interface for management and monitoring.
  • Notifies a security system administrator about events by email.
  • Analyzes and displays cumulative statistics on detected attacks.
  • Controls traffic of certain hosts, selected by their IP addresses.

Virtual Appliances

Models

Specification

ViPNet IDS NS 100
  • Virtualization platforms:
    • VMware Workstation
    • VMware vSphere
  • Communication protocols with monitoring systems:
    • Syslog
    • Syslog (CEF format) — HP ArcSight
    • SNMP — ViPNet StateWatcher
Maximum Capacities Value
Intrusion detection system performance (Mbps) 140
ViPNet IDS NS 1000
  • Virtualization platforms:
    • VMware Workstation
    • VMware vSphere
  • Communication protocols with monitoring systems:
    • Syslog
    • Syslog (CEF format) — HP ArcSight
    • SNMP — ViPNet StateWatcher
Maximum Capacities Value
Intrusion detection system performance (Mbps) 950
ViPNet IDS NS 2000
  • Virtualization platforms:
    • VMware Workstation
    • VMware vSphere
  • Communication protocols with monitoring systems:
    • Syslog
    • Syslog (CEF format) – HP ArcSight
    • SNMP – ViPNet StateWatcher
Maximum Capacities Value
Intrusion detection system performance (Gbps) 6

Hardware Appliances

Models

Specification

ViPNet IDS NS 100
  • Form Factor: MiniPC
  • Network Interfaces: 4x RJ45 1 Gigabit Ethernet ports
  • Communication protocols with monitoring systems:
    • Syslog
    • Syslog (CEF format) – HP ArcSight
    • SNMP – ViPNet StateWatcher
Maximum Capacities Value
Intrusion detection system performance (Mbps) 140
ViPNet IDS NS 1000
  • Form Factor: 19” Rack 1U
  • Network Interfaces: 4x RJ45 1 Gigabit Ethernet ports
  • Communication protocols with monitoring systems:
    • Syslog
    • Syslog (CEF format) – HP ArcSight
    • SNMP – ViPNet StateWatcher
Maximum Capacities Value
Intrusion detection system performance (Mbps) 950
ViPNet IDS NS 2000
  • Form Factor: 19” Rack 1U
  • Network Interfaces: 4x RJ45 1 Gigabit Ethernet ports
    2x SFP+ 10 Gigabit Ethernet ports
  • Communication protocols with monitoring systems:
    • Syslog
    • Syslog (CEF format) – HP ArcSight
    • SNMP – ViPNet StateWatcher
Maximum Capacities Value
Intrusion detection system performance (Gbps) 6