Ahnlab Eps Information

Posted on by

AIPS

Advanced
Intrusion Prevention System

Some other features of AhnLab’s V3: Deep data wipe: V3 can securely delete the contents of folders that have the potential to leak confidential information. Deleted data is overwritten using a proprietary multi-pass algorithm that makes it impossible to recover. AhnLab V3 Internet Security delivers a comprehensive cyber security solution which is also cost-effective and user-friendly. Moreover, AhnLab V3 Internet Security occupies less system resources than other competitors’ solutions, thus delivering optimal endpoint protection while keeping productivity almost unaffected.

AhnLab AIPS is an Advanced Network Intrusion Prevention solution that protects customer’s business environment in response to changes in cybersecurity threats.

AhnLab AIPS (Advanced IPS) is a powerful network intrusion prevention solution that can respond to rapidly changing cyber security threats caused by digital transformations.

Security threats are rapidly changing with changes in the network environment. As the number of targets to attack increases and the method of attack varies, there are numerous variations. Along with these threats, Intrusion Prevention Solutions are also experiencing a change. Now it’s time to detect a lot of malware and defend against unknown attacks and more diverse attack elements and environments.

Based on AhnLab’s largest security threat analysis organization and infrastructure of Asia, AhnLab AIPS provides optimized network attack response signatures for network environments. While responding to the latest security threats with a variety of sophisticated detection engines and next-generation features, visibility and convenience make it easy and intuitive to identify and analyze threats.

  • Advanced detection engine and
    sophisticated signature-based next-generation
    Intrusion Prevention System

  • Highly capable of detecting and responding
    to threats with a variety of detection filters
    and acceleration technologies

  • High-performance packet
    processing system
    that combines the HW and SW technology

  • Adopting an Open API
    approach for collaboration with
    a variety of security solutions

  • Convenient GUI
    for quick and easy
    threat visibility

  • Improved threat analysis
    across multiple data and
    high degrees of freedom

AhnLab AIPS detects and blocks attacks based on network, OS, web and application vulnerabilities as well as various types of network-based attacks and malwares.

AIPS provides an easy and convenient operational management environment while securely protecting customer’s business against evolving network threats. It also ensures availability of networks and services with superior performance.

Intelligent Network Threat Detection
· Responds to security threats across multiple paths by advanced detection engines and next-generation IPS features
· Responds in advance to complex threats with malware detection and TMS linkage
Easy and Convenient Operation Management
· Easy and intuitive to view information with excellent visibility
· Detailed analysis of threat information with a variety of statistics and flexible Drill Down
Excellent Performance
· Enhanced performance of detection with high-performance of HW and acceleration technologies
· Provides fast and flexible analysis against a variety of threats by Big Data processing engines with high performance

Multiple Detection Engines for Security Threat Response

As the network environment changes, malware-based attacks are increasing along with the existed traffic-based attacks. AhnLab AIPS responds to evolving network security threats by Interworking with advanced detection engines, next-generation IPS features, and other security solutions.

Information
  • - High-performance pattern matching
  • - Application Control
  • - Behavioral detection (Flooding, Scanning. Etc.)
  • - Blocks abnormal protocol (HTTP, DNS, SIP)
  • - IP/MAC control (abnormal MAC, IP based Blacklist)
  • - Encrypted traffic analysis
  • - Detects and blocks C&C server access
  • - IP/TCP refragmentation and prevents bypassing attacks through XFF features
  • - YARA engine and signature (static analysis)
  • - Malicious file extraction
  • - Precious analysis through TMS

Information Visibility and Convenient GUI

AhnLab AIPS supports advanced information visibility to help users to quickly and easily recognize network conditions and analyze security threats. Custom dashboards and widgets allow administrators to organize dashboards with only the information they want. It scans threat events and generates custom statistics/analysis policies if continuous statistics and analysis are required.

Ahnlab eps information template

Ahnlab Eps Information Sheet

Enhanced Detection/Blocking Performance

AIPS detects and prevents large traffic without service failures or packet leakage through multicore CPU and AhnLab’s optimized programming, architectures for high-speed packet processing, and PCRE acceleration technologies. It provides improved performance with AFNIC (AhnLab FPGA NIC) support.

High-performance Searching and Threat Analysis

AhnLab AIPS applies a high-performance engine focused on Big Data processing to support fast log/event scanning and flexible statistics/analysis of numerous detected events.

Big data Processing-based High-performance Engine Applied

High-Speed Search
- Faster than competing products
- Only for Big Data processing
Various Analysis
- Supports accurate analysis of events through flexible search
- Perfect custom statistics/report
Resources Efficiency
- Efficiency of memory resources
- Storage space optimization
- Ensures high efficiency of low specification equipment

AIPS 2000

MAX IPS Throughput (UDP)

20G

CPU

8 Core

RAM

32GB

CFast

8GB

HDD

2TB

NIC Slot (Default/Max)

2 / 4

Interface

1GC

2
(Max 34 ports,
including Mgmt)

1GF

2 (Max 16 ports)

10GF

-

AFNIC

-

Bypass

Support

Power

550W Redundant

AIPS 4000

MAX IPS Throughput (UDP)

80G

CPU

20 Core

RAM

64GB

CFast

8GB

HDD

2TB

NIC Slot (Default/Max)

4 / 6

Interface

1GC

2
(Max 50 ports,
including Mgmt)

1GF

4 (Max 24 ports)

10GF

0 (Max 24 ports)

AFNIC

-

Bypass

Support

Power

550W Redundant

AIPS 10000

MAX IPS Throughput (UDP)

120G

CPU

28 Core

RAM

64GB

CFast

8GB

HDD

2TB

NIC Slot (Default/Max)

4 / 6

Interface

1GC

2
(Max 50 ports,
including Mgmt)

1GF

0 (Max 24 ports)

10GF

2 (Max 24 ports)

AFNIC

0 (Max 2 ports)
※ Cannot be used with Intel NIC

Bypass

Support

Power

550W Redundant

AhnLab EPS

Optimized Protection
for Fixed Function Systems​

Advanced cyber atta​cks targeting critical infrastructures and organizations of high-value have increased over the past several years. AhnLab EPS provides the control and management tools you need to protect your critical infrastructures from malicious threats.

Utilizing a lightweight agent, AhnLab EPS ensures system availability of various fixed function systems, such as Industrial Control Systems (ICS), Point of Sale (POS) Terminals, KIOSKs, and ATMs.

Ahnlab Eps Information

Business continuity and advanced endpoint protection is also ensured by AhnLab EPS with AhnLab’s exclusive whitelisting technology.​


Resources​

[Insights] How to Ensure System Availability ​ Read More >​

In critical infrastructures, it is important to quickly detect any existing threats to ensure a seamless operation or service. But most often, frequent security updates and patches can in​terfere with the operation, taking up a lot of time and system resources.

AhnLab EPS provides stable operation and optimized security for various environments. Through its advanced whitelisting technology, AhnLab EPS delivers cost-effective protection while also ensuring business continuity with simple and easy management.

Ahnlab Eps Information Management System

Simple, Easy Operation and Management

- Allows simple administration and implementation

- Provides application control based on intelligent whitelisting technology

- Enables easy management by only allowing authorized applications to be executed

- Ensures operational continuity with minimal use of system resources with a lightweight

Ensures Productivity and Business Continuity

- Prevents malware-induced security breaches

- Provides system stability without requiring signature or patch updates

- Minimizes the use of system resources with a lightweight agent, thus providing optimized protection for fixed function systems

Cost Efficient

- Reduces system and data restoration costs by preventing malware damages

- Reduces time and costs required for system security and maintenance

AhnLab ICM is a centralized security monitoring and management solution that simplifies the management of multiple AhnLab EPS servers by centralizing the data received from each server.

Ahnlab Eps Information Templates

AhnLab ICM collects and visualizes the data received from multiple AhnLab EPS servers, enabling users to quickly identify and respond to security issues found in devices connected to multiple servers.

AhnLab ICM allows businesses to efficiently monitor multiple systems through an intuitive user interface. The centralized management solution also provides businesses with reporting and notification services to reduce the TCO (Total Cost of Ownership).

Key Features

  • 1. Identify Risk Faster with Enhanced Visibility
    - Provides an intuitive dashboard that visualizes the status of multiple AhnLab EPS servers
    - Supports user-defined dashboard and detailed view of dashboard items
    - Enables status check/search on AhnLab EPS servers and agents connected to the server
  • 2. Reduce IT Workload with Centralized Security Policy
    - Allows simple application of AhnLab EPS main policies
    : Features include a search for exception list, delete all, search for disabled policies regarding malware
    - Provides search for history and results regarding the delivery of AhnLab EPS policies·commands distributed by AhnLab ICM
  • 3. Protect Efficiently with Simplified Security Management and Operation
    - Supports integration via EPSIC update without the migration of all servers (AhnLab EPS 2.1 or higher)
    - Provides software type/export setting to SIEM system in CEF, LEEF, Syslog format
    - Manages the latest downloads of malware scanning engines
    : Engine update server path must be set to AhnLab ICM in servers higher than AhnLab EPS 2.1

Operating Environment

AhnLab ICM Web Console

Category

System Requirements

CPU

Intel Core i5-6500 3.2GHz 4Core or more

Memory

4GB or more

Web Browser

Internet Explorer 11

※ More dashboard items are provided if Chrome 82 is available.

Supported Languages

Korean, English, Chinese (Simplified)

AhnLab ICM Web Console

Category

System Requirements

OS

RHEL 8

※ Recommended hardware specifications for servers required in the installation of AhnLab ICM may vary depending on the client's environment.

AhnLab EPS is provided in both Server-Client Type (Managed Type) and Standalone Type for various environments.

Ahnlab Eps Information Template

System Requirements

Hardware

- CPU: IntelⓇXeonⓇProcessor E5 Family (8 or more, 3GHz or more, 8MB Cache or more)

- Memory : 16GB

- HDD

• OS: 300GB x 2 (RAID 1) or more

• DATA: 1TB or more (RAID type recommended)​

OS

RHEL 7.6(64bit)​

Console Browser

Internet Explorer 8.0 or higher

System Requirements​

Hardware

- CPU ​: Pentium 133MHz or more

OS

* Embedded OS​

- Windows XP​ Embedded

- Windows Embedded Standard 2009

- Windows Embedded Standard 7

- Windows Embedded POSReady 2009

- Windows Embedded POSReady 7

- Windows Embedded 8.1 Industry (Pro, Enterprise)

* Client OS

- Windows 2000 Professional

- Windows XP (Professional)

- Windows Vista (Enterprise, Ultimate)

- Windows 7 (Professional, Enterprise, Ultimate)

- Windows 8, 8.1 (Professional, Enterprise)

- Windows 10 (Professional, Enterprise)

- Windows 10 loT Enterprise

* Server OS

- Windows 2000 (Server / Advanced Server)​

- Windows Server 2003 (Standard, Enterprise)

- Windows Server 2008 (Standard, Enterprise)

- Windows Server 2012 (Essentials, Standard)

- Windows Server 2016 (Essentials, Standard)

- Windows Server 2019 (Essentials, Standard)

EpsInformation

System Requirements​​​

Hardware

- CPU : Intel Family (32/64 bit)​

- Memory : 1GB or more​​​

- HDD : 500MB or more​​​

OS​

- CentOS​​: 3.3 ~ 8.1

-​ Red Hat Enterprise: 3.3 ~ 8.1

- Ubuntu 18.04

System Requirements​​​​

Hardware​

- CPU : Pentium 233MHz or more ​

- ​Memory : 64MB or more​​

- HDD ​: 1.5GB or more​​

OS

* Embedded OS​

- Windows Embedded Standard 2009

- Windows Embedded Standard 7

- Windows Embedded POSReady 2009

- Windows Embedded POSReady 7

- Windows Embedded 8.1 Industry (Pro, Enterprise)

* Client OS

- Windows XP SP3 (Professional)

- Windows Vista (Enterprise, Ultimate)

- Windows 7 (Professional, Enterprise, Ultimate)

- Windows 8, 8.1 (Professional, Enterprise)

- Windows 10 (Professional, Enterprise)

* Server OS

- Windows Server 2008 (Standard, Enterprise)

- Windows Server 2012 (Essentials, Standard)

- Windows Server 2016 (Essentials, Standard)