Cisco Cisco IDS 4215 Sensor Dati aggregati
All contents are Copyright © 1992–2004 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 1 of 3
PRODUCT BULLETIN NO. 2706
CISCO THREAT DEFENSE BUNDLES
DELIVERING COMPREHENSIVE THREAT DEFENSE FOR SMALL AND MIDSIZE BUSINESSES
Individually investigating alarms and mitigating attacks and their potential damage is no longer an effective strategy for busy networks. With
the prolific nature of worms, viruses, and application attacks, business continuity relies on proactive security solutions that stop malicious traffic,
protecting valuable data and information infrastructures.
Today, the technology to mitigate these threats is mature and readily available to small and midsize businesses (SMBs) through the Cisco Systems
®
Threat Defense bundle of network and host intrusion prevention system (IPS) software.
NETWORK INTRUSION PREVENTION
The Cisco IPS solution provides one of the first lines of defense against network attacks. Cisco IPS Sensor Software Version 5.0 accurately
identifies, classifies, and stops malicious traffic before it affects business continuity, protecting your data and information infrastructure. Cisco
IPS Sensor Software provides accurate and proactive protection through its multi-vector threat identification, which analyzes network data flow and
protects your network by accurately inspecting and identifying malicious applications, worms, and viruses in real time. Cisco surpasses traditional
prevention systems with the integration of accurate prevention technologies, stopping attacks before they occur. These technologies allow system
administrators to stop a broader range of threats without the risk of dropping legitimate traffic. In addition, Cisco’s IPS solutions collaborate with
the network providing enhanced scalability and resiliency, including efficient capture techniques, load balancing capabilities, and encrypted traffic
inspection.
The Cisco Threat Defense bundle is built around the Cisco IDS 4215 Sensor, a one-rack-unit (1-RU) inline sensor that delivers 80 Mbps of full-
featured intrusion protection that can be deployed to monitor multiple T1 and T3 environments (Figure 1).
Figure 1. The Cisco IDS 4215 Sensor
HOST INTRUSION PREVENTION
At the endpoint, the deployment of a host IPS provides protection against both worms and viruses. The host IPS monitors processes on the host
using a database of system policies. Rather than focusing exclusively on the attacks that are seen in the reconnaissance phases of network attacks, a
host IPS approaches the problem from the other direction, preventing malicious activity on the host by focusing on behavior. By changing the focus
to behavior, damaging activity can be detected and blocked—regardless of the attack.
Cisco Security Agent uses predefined and configurable security policies to determine whether a particular action or behavior is permitted. These
policies are stored on a central management console that is tightly integrated with the CiscoWorks VPN/Security Management Solution (VMS). The
Cisco Security Agent Management Console provides a central location where policies can be defined and downloaded by Cisco Security Agent