Strengthen your security...

"Intrusion detection systems (IDS) and intrusion prevention systems (IPS), which catch "known" threats, are hard-pressed to keep pace with today's ever-changing, application-specific exploits, according to experts."

— Kelly Jackson Higgins,
Senior Editor
Dark Reading, July 21, 2006

CounterStorm-1 Features

ACCURATE DETECTION

Combining behavioral attack recognition with statistical payload analysis, packet and traffic flow anomaly detection and a dynamic honeypot, CounterStorm-1 accurately detects attacks using any IP protocol without relying on signatures or patches.

REAL-TIME CORRELATION

CounterStorm-1’s sophisticated correlation engine aggregates and validates all suspicious activity from multiple detection components in real-time, providing instant, accurate and actionable data without disrupting normal business functions.

MULTIPLE AUTOMATED AND MANUAL RESPONSE TECHNIQUES

In active mode, CounterStorm-1 stops attacks automatically, providing the fastest and most effective protection against expensive, widespread damage. In addition, CounterStorm-1 offers a flexible manual response mode that can be easily utilized in any environment.

  • Network Switch Integration: CounterStorm-1 automatically locates the physical port of an infected machine and halts attack propagation by disabling the port or placing it on a “remediation VLAN” where clean-up can occur without the risk of further damage.
  • Custom Response: Provides a simple mechanism for creating customized responses to attacks, such as adding firewall or router ACLs.
  • VPN Quarantine: CounterStorm-1 detects an infected remote device, obtains the user’s access information, and either terminates the session, or allows an administrator to disable the account to prevent repeated logons.
  • Multiple Notification Options: IT staff members are immediately notified of attack activity via SNMP, syslog, e-mail or pager.

EASY TO INSTALL, DEPLOY AND MANAGE

CounterStorm-1 ensures enterprise-wide effectiveness and ease-of-use through a number of convenient, user-friendly features,
including:

  • Centralized Enterprise Management: The CounterStorm-1 Command Center manages a distributed deployment of CounterStorm-1 Sensors to provide an instant, enterprise-wide snapshot of attack and response activity.
  • Intuitive Graphical User Interface: Easy-to use, browser-based management interface allows for rapid configuration, real-time monitoring, and historical reporting of attack and response activity.
  • Plug-and-Play Installation: Appliance installs easily with no network downtime and requires no host-based agents.

PRODUCT BENEFITS

  • Designed specifically to address the unique requirements of internal network security.
  • Proactively protects against financially motivated targeted attacks.
  • Detects and stops attacks in seconds, allowing for uninterrupted business operation, even during attacks.
  • Works in auto-containment mode without fear of lost productivity from false positives.
  • Self-training decreases the administrative burden associated with tuning of network security products.
  • Prevents widespread propagation of targeted attacks, greatly reducing investigation and clean up costs.