Cisco Systems WRVS4400N Manual De Usuario
Networking and Security Basics
The Intrusion Prevention System (IPS)
Cisco WRVS4400N Wireless-N Gigabit Security Router with VPN Administration Guide
11
2
The Intrusion Prevention System (IPS)
IPS is an advanced technology to protect your network from malicious attacks. IPS
works together with your SPI Firewall, IP Based Access Control List (ACL),
Network Address Port Translation (NAPT), and Virtual Private Network (VPN) to
achieve the highest level of security. IPS works by providing real-time detection
and prevention as an in-line module in a router.
works together with your SPI Firewall, IP Based Access Control List (ACL),
Network Address Port Translation (NAPT), and Virtual Private Network (VPN) to
achieve the highest level of security. IPS works by providing real-time detection
and prevention as an in-line module in a router.
The WRVS4400N wireless router has hardware-based acceleration for real-time
pattern matching for detecting malicious attacks. It actively filters and drops
malicious TCP/UDP/ICMP/IGMP packets and can reset TCP connections. This
protects your client personal computers and servers running various operating
systems including Windows, Linux, and Solaris from network worm attacks.
However, this system does not prevent viruses contained in e-mail attachments.
pattern matching for detecting malicious attacks. It actively filters and drops
malicious TCP/UDP/ICMP/IGMP packets and can reset TCP connections. This
protects your client personal computers and servers running various operating
systems including Windows, Linux, and Solaris from network worm attacks.
However, this system does not prevent viruses contained in e-mail attachments.
The P2P (peer to peer) and IM (instant messaging) control allows you to prevent
network users from using those protocols to communicate with people over the
Internet. This helps the administrators to set up company policies on how to use
their Internet bandwidth wisely.
network users from using those protocols to communicate with people over the
Internet. This helps the administrators to set up company policies on how to use
their Internet bandwidth wisely.
The signature file is the heart of the IPS system. It is similar to the virus definition
files on your personal computer’s Anti-Virus programs. IPS uses this file to match
against packets coming in to the Router and performs actions accordingly. As of
today, the Wireless-N Router is shipped with signature file version 1.3.8 and with a
total of 1101 rules. The rules cover the following categories: DDoS, Buffer
Overflow, Access Control, Scan, Trojan Horse, Misc., P2P, IM, Virus, Worm, and
Web Attacks.
files on your personal computer’s Anti-Virus programs. IPS uses this file to match
against packets coming in to the Router and performs actions accordingly. As of
today, the Wireless-N Router is shipped with signature file version 1.3.8 and with a
total of 1101 rules. The rules cover the following categories: DDoS, Buffer
Overflow, Access Control, Scan, Trojan Horse, Misc., P2P, IM, Virus, Worm, and
Web Attacks.
It is recommended that you update your IPS signature file regularly to thwart new
attack types.
attack types.
The following diagram illustrates a number of IPS scenarios.