Cisco Cisco IPS 4520 Sensor 데이터 시트
© 2013-2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 6
Data Sheet
Cisco Intrusion Prevention: Cisco IPS 4500 Series
Protect your data center and network aggregation points with context-aware intrusion
prevention.
prevention.
Attackers target data used by a variety of custom and commercial applications. Signature-only detection products
can provide only a one-dimensional - and sometimes incorrect - response. Only Cisco uses broad network context
through every stage of analysis, including passive OS fingerprinting, evasion techniques, and attack state across
signatures, as well as - an industry first - attacker identity, location, and behavior. These state of the art techniques
protect infrastructure and applications from advanced persistent threats (APT's) and other sophisticated attacks for
superior security protection.
The Cisco IPS 4500 Series delivers hardware-accelerated inspection, real-world performance, high port density,
and energy efficiency in an expansion-ready chassis for future growth and investment protection. Its small form
factor and low power consumption were specifically engineered for space-challenged data center environments.
With highly effective, out-of-the-box protection and automated threat management, your critical data center assets
are protected in minutes.
Figure 1. Cisco IPS 4500 Series
Context-Driven Protection for Critical Internal Applications
The modern enterprise runs a wide array of mission-critical commercial and highly customized applications. The
data within those applications is a high-value target for attackers, yet access to that data is what drives the
productivity and success of the enterprise. The challenge is providing full and rich access to authorized users while
protecting the integrity of the data center infrastructure and applications. Context-driven intrusion prevention is
essential for full protection. Consider these scenarios:
●
SQL injection or dynamic database query tool(s)? If your IPS can only provides one action when a SQL
injection signature fires, it lacks context awareness. Cisco IPS technology can determine the proper level of
action even after a signature has fired.
●
Target-scanning malware or working IT member? A large number of pings are emanating from a
traveling salesperson's laptop. Is it a bot seeking targets, or is it an IT team member trying to help
troubleshoot access to the customer relationship management (CRM) system?
●
An employee experimenting with a script or targeted attack? Should there be an all-hands investigation
or a simple logging of events? A context-driven IPS knows the difference.