Intrusion Prevention System on ESR routers with «Kaspersky Lab» technologies
16 November 2020 Eltex offers a collaborative solution with Kaspersky Lab: IPS on ESR routers using Kaspersky SafeStream II technology. The technology is used for stream traffic scanning at the network gateway level in order to detect the most dangerous and widespread threats. Kaspersky SafeStream II provides fairly effective threat neutralization combined with maximum performance. The solution is designed to protect corporate customer networks, and special offers are available for healthcare and educational institutions.Integration with «Kaspersky» security infrastructure (including Kaspersky Security Network's cloud-based «Collective Intelligence») and use of Kaspersky SafeStream II technology allows ESR routers to detect malware in all types of traffic:
- Web;
- Email;
- P2P;
- Instant messaging services, etc.
As a result, users are protected from the most dangerous cyber threats, including zero-day threats, encryption programs, infected sites and other types.
Flexible system configuration allows you to best match the scheme of IPS to the needs of the customer. For example, you can limit the number of rules used to optimize system performance. Available sets of rules:
- IP address Reputation Data – a set of IP addresses with contextual information that reports suspicious and malicious hosts;
- URLs of malicious links – a set of URLs corresponding to dangerous links and websites;
- URLs of phishing links – a set of URLs recognized by Kaspersky Lab as phishing. Masked and unmasked entries are available;
- URLs of botnet command servers – a set of URLs of botnet command servers and associated malicious objects
- URLs of encryptors – set of encryptor URLs;
- Hashes of malicious objects – a set of file hashes that covers the most dangerous and common, as well as the newest malicious programs;
- Hashes of malicious objects for mobile devices – a set of file hashes to detect malicious objects infecting mobile devices;
- P-SMS Trojan data – a set of Trojan hashes with contextual information to detect SMS Trojans calling from cell phones to paid numbers, as well as allow the attacker to intercept SMS messages, respond to them and delete them;
- URLs of botnet command servers for mobile devices – a set of URLs with contextual information to identify botnet command servers using mobile devices;
- URLs of websites used to host malicious programs that infect Internet of Things (IoT) devices.
