Network Intrusion Detection Software | NetFort Technologies

By: Netfort Technologies  05/12/2011
Keywords: Traffic Analysis, Network Traffic

Intrusion detection

LANGuardian includes an advanced network intrusion detection system (IDS) that enables real-time detection and alerting of malicious events that occur on your network. Configured via a rule-based language, it can monitor network traffic using the signature, protocol, and anomaly methods of inspection.

The LANGuardian IDS uses several pre-processors to perform stateful protocol analysis and normalization of all requests and responses in a session or connection. This enables the system to identify threats that have several components, which can escape detection when data packets are analyzed individually.

The LANGuardian IDS is based on Snort, an open-source network intrusion prevention system that performs real-time traffic analysis on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and OS fingerprinting attempts.

The IDS is configured with over 1600 signatures that include DPI for HTTP, RPC, and Telnet protocols. The signatures cover the events that typically occur on a network, for example:

  • File accesses
  • Database operations
  • E-mail activity
  • Web access

The IDS signatures are continually updated and you can choose to apply the updates manually or automatically. You can also define your own signatures.

When the IDS detects an event that matches a signature, it stores the details in the LANGuardian database, including the source and destination IP addresses, the rule that triggered the event, and event-specific information.

Combined, the information stored in the database by the traffic analysis engine and the IDS provide a detailed snapshot of network activity, with efficient storage and no performance impact.

Keywords: Network Traffic, Traffic Analysis

Contact Netfort Technologies

Email

Print this page

Share

Other products and services from Netfort Technologies

05/12/2011

Network Bandwidth Monitoring Solutions | NetFort Technologies

LANGuardian monitors your bandwidth usage in the same unobtrusive way it monitors other aspects of network and user activity – it gathers information by analyzing the traffic flowing through your network, so there are no clients or agents to install, and there is no performance impact.


05/12/2011

Network Compliance Monitoring | NetFort Technologies

From internal policies to local laws and global industry standards, there are demands not only to comply, but also to demonstrate compliance, with an increasingly demanding regulatory environment. LANGuardian provides drilldown and reporting features that you can use to meet day-to-day compliance requirements, and it provides an independent and secure audit trail that cannot be modified.


05/12/2011

Copyright Infringement Software | NetFort Technologies

Monitoring traffic on default peer-to-peer ports such as 6346 (LimeWire TCP), 6347 (LimeWire UDP), 4662, 4672, 6881 (BitTorrent TCP) and 6889. Custom reports showing the presence of music and video files on the network. Reports showing downloads from known file-sharing sites such as Rapidshare.


05/12/2011

Database Audit Software | NetFort Technologies

It works by monitoring the network traffic that passes through the SPAN or NetFlow port on your core network switch, using deep packet inspection techniques to analyze the traffic and identify the SQL statements that users and applications are transmitting over network.


05/12/2011

File Share Monitoring Software | NetFort Technologies

Following a request by a distric office for a costly WAN link upgrade to address complaints by remote users about network performance, the network manager in a local authority used LANGuardian to generate a report of the users at that location who were consuming the most bandwidth.