Hillstone Networks is pleased to announce version 3.0 of its Server Breach Detection System (sBDS). Included in this release are two new hardware models to address the needs of customers across a broader spectrum of use cases. The I1850 model is 1RU and supports up to 1 Gbps breach detection throughput, which is ideal for lower-traffic servers where cost is a concern. The new high-end I5850 model expands the sBDS product line to 10 Gbps detection for high-traffic servers or server groups. The latter model is 2RU and offers four expansion slots to accommodate future needs.
The sBDS V3.0 also includes new capabilities such as ARP spoofing detection and RESTful API; multiple software optimizations are also included such as enhanced abnormal behavior detection, a default signature database for botnet C&C detection, and optimizations to the system’s reporting capabilities.
- New ARP spoofing detection capability. ARP spoofing allows an attacker to intercept, modify, or block network traffic. sBDS accurately identifies these attacks and notifies admins.
- New standard RESTful API interface. sBDS can now seamlessly integrate with third-party management platforms to allow management and monitoring while reducing TCO.
- Enhanced threat detection capabilities. Abnormal behavior detection is expanded on four new dimensions to allow detection of brute force cracking attempts and TOR-based suspicious HTTP requests, for example.
- Default botnet C&C signature database. A standalone engine dedicated to botnet C&C comes with a default signature database to enhance botnet command-and-control detection.
- Reporting optimizations and enhancements. The report framework has been optimized to include more relevant information and allow customization. It also adds analysis and provides recommendations to admins for further refinement and tuning.