In this digital age, the network is and always will be the core foundation of any enterprise. As such, it is imperative for security teams to deploy systems capable of mitigating intrusion points. Hillstone Networks presents the updated NIPS v4.3, with improved performance and utility across the board. The NIPS serves as a first line of defense when it comes to securing your perimeter. NIPS can see, understand and act on its own, with help form guidelines delineated by the user.
Highlights of NIPS v4.3
HW upgrade bring massive processing guarantee:
With a new high-density interface, the NIPS v4.3 speed of operations are greatly enhanced and accelerated. Similar to a hardware refresh, these upgrades ensure elevated processing capabilities with the option for expansion. Expansion modules can potentially elevate the performance even further.
Reverse shell inspection:
Usually, connections are initiated by the user and a machine is the receiver. However, in the case of reverse shells, the opposite is true. If an internal machine can be compromised via commands, a reverse shell connection can be established. Reverse shell is a tactic that can go unnoticed by firewalls because while firewalls heavily manage incoming connections, they are much less uptight on outgoing connections. NIPS v4.3 can now monitor for any signs of reverse shell access attempts and can flag them for immediate review or simply halt the attempts.
Enhancement of content filtering:
NIPS v4.3 automatically recognizes genres of sensitive information (phone numbers, SSN, bank account information) and obscures them. This feature is extended to the filtering of content, such as DOCX, XLS, and other popular forms of content format. With so much content flowing in and out, it is essential to examine these files granularly to tie up loose ends and neutralize potential vulnerabilities. NIPS v4.3 is now able to inspect SSL or TLS encrypted traffic.
Enhancement of Attack defense:
IP scans are important for understanding the posture and status of current existing assets. Additionally, IP scanning capabilities are occasionally leveraged by attackers to investigate whether various hosts or servers have any open ports that can be compromised. One such example is the UDP port scan. By including UDP port scanning mitigation capabilities in NIPS v4.3, if suspicious port scanning-type actions are undertaken, NIPS will shut it down quickly.
Regular Expression Support on IPS Rules:
Configuration and O&M of security tools can still be a pain point at times, so we’ve decided to include regular expression capabilities during IPS rule configuration to allow for enhanced flexibility. Up to 4 regular expressions can be included on each rule that is being configured.
MPLS frame inspection:
MPLS, albeit expensive, still provides the best performance and best end-user experience. it is still a secure line that is being utilized by enterprises. By including MPLS frame inspection capabilities, NIPS v4.3 is now able to monitor the MPLS traffic on the perimeter and ensure that those dedicated lines are not congested and vulnerabilities are flagged down immediately.
To learn more about how NIPS is instrumental in building a cyber resilient security infrastructure, check out our data sheets, and don’t hesitate to reach out. We’d love to start a conversation with you.
