Ahnlab Tms



AIPS

  1. Ahnlab Scan
  2. Ahnlab Trusguard Utm
  1. Ems는 다수의 안랩 엔드포인트 보안 솔루션의 설치 및 운용에 최적화된 하드웨어 기반의 엔드포인트 관리 시스템으로, 기업 엔드포인트의 보안 수준을 강화하고 보안 위협 발생 시 효과적으로 대처할 수 있습니다.
  2. 시큐리티 레터를 통하여 AhnLab이 엄선한 최신 보안정보를 1주일에 한번씩 E-mail로 받아보실 수 있습니다.
  3. (우)13493, 경기도 성남시 분당구 판교역로 220 사업자등록번호: 26 (c) Ahnlab, Inc. All right reserved.

AhnLab MDS is the only solution that delivers fast, truly comprehensive host and network protection against known and unknown malware, zero-day exploits,. Faq는 개인 제품을 사용하면서 궁금하신 사항에 대한 해결책을 제시합니다.

Advanced
Intrusion Prevention System

AhnLab AIPS is an Advanced Network Intrusion Prevention solution that protects customer’s business environment in response to changes in cybersecurity threats.

AhnLab AIPS (Advanced IPS) is a powerful network intrusion prevention solution that can respond to rapidly changing cyber security threats caused by digital transformations.

Security threats are rapidly changing with changes in the network environment. As the number of targets to attack increases and the method of attack varies, there are numerous variations. Along with these threats, Intrusion Prevention Solutions are also experiencing a change. Now it’s time to detect a lot of malware and defend against unknown attacks and more diverse attack elements and environments.

Based on AhnLab’s largest security threat analysis organization and infrastructure of Asia, AhnLab AIPS provides optimized network attack response signatures for network environments. While responding to the latest security threats with a variety of sophisticated detection engines and next-generation features, visibility and convenience make it easy and intuitive to identify and analyze threats.

  • Advanced detection engine and
    sophisticated signature-based next-generation
    Intrusion Prevention System

  • Highly capable of detecting and responding
    to threats with a variety of detection filters
    and acceleration technologies

  • High-performance packet
    processing system

    that combines the HW and SW technology

  • Adopting an Open API
    approach for collaboration with
    a variety of security solutions

  • Convenient GUI
    for quick and easy
    threat visibility

  • Improved threat analysis
    across multiple data and
    high degrees of freedom

AhnLab AIPS detects and blocks attacks based on network, OS, web and application vulnerabilities as well as various types of network-based attacks and malwares.

AIPS provides an easy and convenient operational management environment while securely protecting customer’s business against evolving network threats. It also ensures availability of networks and services with superior performance.

Ahnlab Tms
Intelligent Network Threat Detection
· Responds to security threats across multiple paths by advanced detection engines and next-generation IPS features
· Responds in advance to complex threats with malware detection and TMS linkage
Easy and Convenient Operation Management
· Easy and intuitive to view information with excellent visibility
· Detailed analysis of threat information with a variety of statistics and flexible Drill Down
Excellent Performance
· Enhanced performance of detection with high-performance of HW and acceleration technologies
· Provides fast and flexible analysis against a variety of threats by Big Data processing engines with high performance

Multiple Detection Engines for Security Threat Response

As the network environment changes, malware-based attacks are increasing along with the existed traffic-based attacks. AhnLab AIPS responds to evolving network security threats by Interworking with advanced detection engines, next-generation IPS features, and other security solutions.

  • - High-performance pattern matching
  • - Application Control
  • - Behavioral detection (Flooding, Scanning. Etc.)
  • - Blocks abnormal protocol (HTTP, DNS, SIP)
  • - IP/MAC control (abnormal MAC, IP based Blacklist)
  • - Encrypted traffic analysis
  • - Detects and blocks C&C server access
  • - IP/TCP refragmentation and prevents bypassing attacks through XFF features
  • - YARA engine and signature (static analysis)
  • - Malicious file extraction
  • - Precious analysis through TMS

Information Visibility and Convenient GUI

AhnLab AIPS supports advanced information visibility to help users to quickly and easily recognize network conditions and analyze security threats. Custom dashboards and widgets allow administrators to organize dashboards with only the information they want. It scans threat events and generates custom statistics/analysis policies if continuous statistics and analysis are required.

Enhanced Detection/Blocking Performance

AIPS detects and prevents large traffic without service failures or packet leakage through multicore CPU and AhnLab’s optimized programming, architectures for high-speed packet processing, and PCRE acceleration technologies. It provides improved performance with AFNIC (AhnLab FPGA NIC) support.

High-performance Searching and Threat Analysis

AhnLab AIPS applies a high-performance engine focused on Big Data processing to support fast log/event scanning and flexible statistics/analysis of numerous detected events.

Big data Processing-based High-performance Engine Applied

High-Speed Search
- Faster than competing products
- Only for Big Data processing
Various Analysis
- Supports accurate analysis of events through flexible search
- Perfect custom statistics/report
Resources Efficiency
- Efficiency of memory resources
- Storage space optimization
- Ensures high efficiency of low specification equipment

Ahnlab Scan

AIPS 2000

MAX IPS Throughput (UDP)

20G

CPU

8 Core

RAM

32GB

CFast

8GB

HDD

2TB

NIC Slot (Default/Max)

2 / 4

Interface

1GC

2
(Max 34 ports,
including Mgmt)

1GF

2 (Max 16 ports)

10GF

-

AFNIC

-

Bypass

Support

Power

550W Redundant

AIPS 4000

MAX IPS Throughput (UDP)

80G

CPU

20 Core

RAM

64GB

CFast

8GB

HDD

2TB

NIC Slot (Default/Max)

4 / 6

Interface

1GC

2
(Max 50 ports,
including Mgmt)

1GF

4 (Max 24 ports)

10GF

0 (Max 24 ports)

AFNIC

-

Bypass

Support

Power

550W Redundant

AIPS 10000

MAX IPS Throughput (UDP)

120G

CPU

28 Core

RAM

64GB

CFast

8GB

HDD

2TB

NIC Slot (Default/Max)

4 / 6

Interface

1GC

2
(Max 50 ports,
including Mgmt)

1GF

0 (Max 24 ports)

10GF

2 (Max 24 ports)

AFNIC

0 (Max 2 ports)
※ Cannot be used with Intel NIC

Bypass

Support

Power

550W Redundant

Overview

An increasing number of businesses are migrating their workloads to cloud environments to accelerate digital transformation. However, cloud environments requires a new security platform for centralized visibility and management of cloud workloads.

AhnLab CPP is a single, centralized cloud workload protection platform that focuses on providing optimized protection, unified management, and flexibility for workloads in hybrid environments.

Optimized Protection for Hybrid ㆍMulti-cloud Environments

  • - Provides comprehensive visibility and easy management for workloads in on-premise and cloud server (AWS, Azure) environments
  • - Supports automatic identification for autoscaling cloud server workloads

Unified Operation and Management

  • - Delivers easy operation and management through a single, web-based management platform
  • - Supports quick and simple operations with Intrusion Prevention, Firewall, Application Control, and Anti-malware
  • - Provides integration with 3rd-party solutions via Open API
  • - Enables SIEM, ESM integration via syslog logging

Flexible and Cost-efficient

  • - Provides module-based CPP Management, which enables flexible configuration according to the business environment
  • - Saves cost by allowing selective installation and application of security solutions

Application Control

Ahnlab Trusguard Utm

  • - Allows execution of trusted applications only
  • - Ensures system stability by providing various control modes

Anti-malware

  • - Provides real-time malware scan with minimal impact on resources and performance
  • - Supports manual and scheduled scan

Firewall

  • - Enables IP, Port , protocol-based network control
  • - Supports geo-IP blocking

Intrusion Prevention

  • - Detects and blocks network intrusion attacks
  • - Blocks attacks within​ internal servers as well as attacks between external and internal servers
  • - Provides signature recommendation
  • - Supports IDS mode