Just a few weeks ago, we announced the release of Network Intrusion Prevention System (NIPS), version 4.0. IPS technology is widely deployed as an integral tool in protecting the network. Hillstone’s NIPS offers the most comprehensive high-performance inspection engine and best-of-breed signatures to deliver the highest threat detection rate with the lowest TCO in the industry.
NIPS v4.0 provides a number of key improvements aimed at enhancing the admin user experience, expanding inspection and protection to encrypted traffic, and a number of other key updates like support for Hillstone VSYS and a RESTful API, as well as a free basic Cloud Sandbox. Taken all together, the enhancements in v4.0 give IT and security teams strong defenses that are easy to use and understand, in-depth, and flexible to fit a wide variety of deployment scenarios.
Looking Under the Hood
One of the biggest enhancements in NIPS v4.0 is a complete WebUI refresh. Using input from our customers as well as best practices in design, we’ve completely overhauled the NIPS WebUI to provide a much-improved user experience. The dashboard provides a high-level overview of system status, top threats and hot events. The new iCenter provides an overview of critical threats, with the ability to drill down for further information.
New Threat Tagging
Previously, the threat names provided in NIPS could be difficult to understand, and sometimes the attack and the provided threat name did not correspond well. These factors could make it more difficult for admins to take appropriate action on attacks.
With NIPS v4.0, the threat names have been refined into 11 new threat tags, which are consistent across the four major threat detection engines (IPS, anti-virus, abnormal behavior detection and botnet). These threat tags are more intuitive for admins, and are used to mark threats and threat logs for at-a-glance perception and actionable insights. The tags can also be updated to keep pace with the changing threat landscape.
New in this version, NIPS supports a free basic version of the Cloud Sandbox, which can be used to safely execute suspicious files without risking damage to the network or individual devices. NIPS v4.0 also supports Hillstone’s VSYS, which virtualizes the CPU to allow segmentation of services for multiple communities of interest – for example, departments, branch offices or other divisions.
Also new in NIPS version 4.0 is support for a Restful API, which allows integration with third-party products such as security monitoring and other products. A new SSL proxy offloads SSL traffic decryption, allowing full inspection and application identification of encrypted traffic.
With the latest version NIPS software, network and security admins gain an unbeatable combination of ease of use, high accuracy, and in-depth inspection and protection. For more information about NIPS v4.0, contact your Hillstone sales representative or authorized reseller today!