HP X Unified Security Platform Series Bedienungsanleitung PDF herunterladen (Seite 325)

X Family LSM User’s Guide V 2.5.1 309

Digital Vaccine Filters

Digital Vaccine Filters block attacks and other malicious traffic from the network. Filters come with a

set of recommended (default) settings which specify the filter status (enabled or disabled), the type of

action to be taken when the filter is triggered (action set defined to permit or block traffic and/or send

a notification) and the Adaptive Filter Configuration (see page 60) setting (on or off). Users can accept

the default settings, or override them based on network security needs. Digital Vaccine filters are

categorized in the following groups: Application Protection (see page 308), Infrastructure Protection

(see page 310), and Performance Protection (see page 311).

Digital Vaccine filters are created by the Threat Management team that monitors global network

security threats and continually develops new attack filters which are automatically distributed to pre-

emptively protect against the exploit of new and zero day vulnerabilities. Updates are distributed using

Digital Vaccine Packages.

Digital Vaccine Package

Downloadable software update that includes Digital Vaccine filters that provide the most current IPS

protection for your network. The Digitial Vaccine Package is available from the Threat Management

Center (TMC) (https://tmc.tippingpoint.com). Devices can also be configured to download and install

the Digitial Vaccine packages automatically.

DDoS filters

Group of infrastructure protection filters that detect denial of service attacks which flood a network

with requests, including traditional SYN floods, DNS request floods against nameservers, and attempts

to use protected systems as reflectors or amplifiers in attacks against third parties. These filters detect

direct flood attacks and attacks hidden within larger packets and requests. DDoS filters include the

following filters: SYN Proxy, Connection Flood, and CPS Flood filters.

Exploit filters

Filters that protect software from malicious attacks across a network by detecting and blocking the

request. Exploits are attacks against a network using weaknesses in software such as operating systems

and applications. These attacks usually take the form of intrusion attempts and attempts to destroy or

capture data. These filters are part of the Application Protection (see page 308) filter category.

filter

Policy consisting of rules and conditions used to detect and manage malicious traffic on a network.

Each filter includes an action set

with instructions for managing data when the filter is triggered and

ategory settings. The LSM includes various types of filters, including Digital Vaccine filters in the

Performance Protection (see page 311), Application Protection (see page 308), Infrastructure

Protection (see page 310) categories along with traffic management, traffic threshold, and DDoS

filters.

Identity Theft filters

Filters protect end users from Phishing attacks by detecting and blocking connections to known Phish

sites and attacks. A Phishing Attack is typically an email or web site which has been spoofed to appear

as if it is from a well known financial or transaction institution. The attacks are usually geared to

obtain account information from the end user. These filters are part of the Application Protection (see

page 308) filter category.

1 2 ... 320 321 322 323 324 325 326 327 328 329 330 331 332 333

Kommentare zu diesen Handbüchern

Keine Kommentare

HP X Unified Security Platform Series Bedienungsanleitung Seite 325

Kommentare zu diesen Handbüchern

Verwandte Produkte und Handbücher für Vernetzung HP X Unified Security Platform Series