IPS (Intrusion Prevention System)

Real-time Detection and Prevention for Intrusions in Homepage Server & Application Server

IPS provides real-time defense mechanisms by continuously updating intrusion detection policies that keep up with the countermeasure against the latest security threats.
With packet monitoring, IPS can detect at the application layer and monitor for suspicious traffic and application manipulation patterns.

Overview

  • Detection of the Latest Attack Tactics

    Detection rate is improved with signature management and detection pattern updates in readiness for the latest security threats. IPS provides its service by performing correlation analysis of attack patterns detected by IPS with configured patterns in SIEM (Security Information and Event Management).

  • Optimized for Cloud Operations

    IPS provides threat detection services optimized for cloud environment demanded by Korean Government. Its domain expert security team keeps cloud operations environment with the optimized configuration and can promptly respond to the security threats.

  • Effective Countermeasure and Support

    By monitoring events in real-time and providing notification upon analysis, preemptive response to security threats can be achieved. Additionally, monthly reports provide
    insights into detected events in detail including IP/Port, Date/Time and other attack status information.

01

04

Architecture Diagram (Enterprise)

Samsung Cloud Platform
  • Security Zone(Multi-AZ) : DDoS Protection → ( Secured Firewall → IPS: Hacking/Attacks, Detection/Response ) → WAF
  • service Pool : VPC ( WAF → disc )
  • Real-time Monitoring : 24/7 Security Monitoring → IPS
Attacker → Hacking Attacks → Samsung Cloud Platform Legitimate service user → Samsung Cloud Platform's DDoS Protection Attacker → Hacking Attacks → Samsung Cloud Platform

Architecture Diagram (Samsung)

Samsung Cloud Platform
  • Security Zone : DDoS Protection → Secured Firewall → IPS: Hacking/Attacks, Detection/Response → WAF
  • service Pool : VPC ( WAF → PC )
  • Real-time Monitoring : 24/7 Security Monitoring → IPS
Attacker → Hacking Attacks → Samsung Cloud Platform Legitimate service user → Samsung Cloud Platform's DDoS Protection Attacker → Hacking Attacks → Samsung Cloud Platform

Key Features

  • Intrusion detection and analysis

    - 24/7 event monitoring
    - Common rule-based detection and correlation-based detection pattern management
    - Raw data based in-depth analysis
    - Detailed logs for incident analysis support in the event of intrusions

  • Intrusion prevention

    - Latest threat detection pattern updates reflecting security trend information
    - Detection pattern optimized for effective real-time event response

  • Monitoring information

    - Alert raising in the event of event detection
    - Monthly reports on alert trend, alert list, etc.

Pricing

    • Billing
    • Subscription based on the number of VMs associated with its specification (e.g. vCore, Memory)
Let’s talk

Whether you’re looking for a specific business solution or just need some questions answered, we’re here to help

Get in Touch
Share