The growing complexity of networks is giving rise to a growing number of cyber risks, some of which are hidden in daily network traffic without being noticed. We are delighted to announce the release of Hillstone Network Intrusion Prevention System (NIPS) version 4.6, offering a more comprehensive and effective solution for traffic monitoring and threat detection.
Filter Malware and its Variants More Intelligently
New malware variants continue to emerge, making it increasingly difficult to detect among common malware. NIPS introduces a new intelligent Anti-Virus (AV) engine, which performs an additional scan on PE, PDF, OFFICE, and ELF files to filter out more latent malware variants. Combined with a newly added AV whitelist, this optimization helps users to identify the real “black sheep” with fewer false positives and a higher detection rate of malware.
Say Goodbye to Password Leaks and Account Theft in HTTP
Simple passwords may be convenient for users, but they are also easy for those attempting to crack them. NIPS can detect weak and plaintext passwords in HTTP by setting customizable requirements, such as character number, type or symmetric algorithm. Password that doesn’t match the requirements will be classified as a threat of corresponding type. In addition, NIPS can block brute force attacks by setting a customizable threshold that identifies users who exceed the login frequency limit as malicious. This reduces the possibility of password leaks and strengthens account security.
Expose the Attacker’s Tactics by MITRE ATT&CK
As a company matures, its security strategy typically shifts from passive defense to active defense. MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) mapping, introduced in this new release, provides a direct way to accomplish this. By mapping suspicious behaviors to similar procedures under a specific technique in the ATT&CK framework, we can gain a deeper understanding of their workflows in the attack and the susceptibilities caused to the current system or devices, as well as develop mitigation strategies in a more effective way.
Reveal the Attackers’ and Victims’ Identities in Little Time
NIPS includes different types of detection engines with different sets of logic, which may make it challenging to rapidly identify attackers and compromised assets (or victims) amidst sophisticated threats in complex network. To overcome this, NIPS has introduced the IP information of attackers and victims to threat logs, while showcasing the top five attackers and victims on the dashboard. This caters to various types of attacks, enabling users to trace the source of threats and have an overall assessment of security posture.
Hillstone next-generation NIPS integrates the capabilities of traditional IDS and IPS, delivering comprehensive protection against a wide range of threats. Furthermore, with the support of the powerful intrusion signature database, it forms a dynamic and proactive defense system, which provides operational security for customers across governments, enterprises, universities, and vendors, among others.
For more information, contact your Hillstone representative or authorized reseller.