Enterasys Dragon® 7 Network Intrusion Detection and Prevention DSNSA7-GIG-SX Benutzerhandbuch
Produktcode
DSNSA7-GIG-SX
Page 2 of 6 • Data Sheet
A d d i t i o n a l l y, many Dragon signatures and
alert options are designed to detect Zero
Day attacks. These multimethod detection
techniques— combined with an extensive,
frequently updated signature database
and false positive tuning capabilities—
ensure that no threat and policy violations
go undetected.
alert options are designed to detect Zero
Day attacks. These multimethod detection
techniques— combined with an extensive,
frequently updated signature database
and false positive tuning capabilities—
ensure that no threat and policy violations
go undetected.
Dragon’s Adaptive Match Engine and
multithreaded application gain significant
performance through software. The profile
of network traffic flowing through the
sensor is analyzed and then one of nine
algorithms is “adaptively” selected to
analyze the traffic. In this way, the Sensor
can use multiple detection algorithms
simultaneously while intelligently applying
each to the type of traffic it is best suited
to analyze.
multithreaded application gain significant
performance through software. The profile
of network traffic flowing through the
sensor is analyzed and then one of nine
algorithms is “adaptively” selected to
analyze the traffic. In this way, the Sensor
can use multiple detection algorithms
simultaneously while intelligently applying
each to the type of traffic it is best suited
to analyze.
Dragon Virtual Sensors allow for flexible
deployments in diverse environments by
enabling security administrators to con-
figure a single sensor to operate as if it is
multiple unique sensors. Dragon’s Virtual
Sensors apply to both IDS and IPS sen-
sors, and can be associated with Virtual
LANs, IP networks, physical ports, or
even TCP and UDP level applications.
Each sensor can be configured with
unique policies that define what analysis
techniques will be utilized and what event
alerts will be generated. Through Dragon’s
Virtual Sensor technology, a single Dragon
system can act as an IDS and an IPS at
the same time.
deployments in diverse environments by
enabling security administrators to con-
figure a single sensor to operate as if it is
multiple unique sensors. Dragon’s Virtual
Sensors apply to both IDS and IPS sen-
sors, and can be associated with Virtual
LANs, IP networks, physical ports, or
even TCP and UDP level applications.
Each sensor can be configured with
unique policies that define what analysis
techniques will be utilized and what event
alerts will be generated. Through Dragon’s
Virtual Sensor technology, a single Dragon
system can act as an IDS and an IPS at
the same time.
In addition to Intrusion Prevention actions,
the Network Sensor can employ a variety
of Active Response techniques to block
would-be intruders, worms or network
misusers by taking action either to terminate
the threat session directly or by reconfig-
uring firewalls, or switch and router policies
to block ongoing attempts to attack.
Dragon Network Sensors are also an integral
part of Enterasys’ Dynamic Intrusion
Response (DIR) solution, which provides
pinpoint threat mitigation down to its
point of entry into the campus. DIR works
in wired and wireless networks and
can quarantine, filter or disable network
access for the sources of the Dragon-
detected threat.
the Network Sensor can employ a variety
of Active Response techniques to block
would-be intruders, worms or network
misusers by taking action either to terminate
the threat session directly or by reconfig-
uring firewalls, or switch and router policies
to block ongoing attempts to attack.
Dragon Network Sensors are also an integral
part of Enterasys’ Dynamic Intrusion
Response (DIR) solution, which provides
pinpoint threat mitigation down to its
point of entry into the campus. DIR works
in wired and wireless networks and
can quarantine, filter or disable network
access for the sources of the Dragon-
detected threat.
Dragon Network Sensor offers market-
leading deep forensics capabilities,
including flexible packet capture and
complete session reconstruction. which
are essential to analyzing network-based
attacks. It also offers pre-event collection,
capturing packets preceeding, but related
to, packets that triggered an attack.
leading deep forensics capabilities,
including flexible packet capture and
complete session reconstruction. which
are essential to analyzing network-based
attacks. It also offers pre-event collection,
capturing packets preceeding, but related
to, packets that triggered an attack.
Dragon Network Sensor is centrally managed
via Dragon Enterprise Management
S e r v e r, which provides easy signature
and configuration management with live
updates. Customers can easily monitor the
activities of their IDS and IPS since all
actions taken and threats detected are
reported into Dragon’s management reporting
system.
via Dragon Enterprise Management
S e r v e r, which provides easy signature
and configuration management with live
updates. Customers can easily monitor the
activities of their IDS and IPS since all
actions taken and threats detected are
reported into Dragon’s management reporting
system.
17079,9013766-4_Drag_NS_DS 1/25/06 4:36 PM Page 2