AIPS
Advanced
Intrusion Prevention System
Some other features of AhnLab’s V3: Deep data wipe: V3 can securely delete the contents of folders that have the potential to leak confidential information. Deleted data is overwritten using a proprietary multi-pass algorithm that makes it impossible to recover. AhnLab V3 Internet Security delivers a comprehensive cyber security solution which is also cost-effective and user-friendly. Moreover, AhnLab V3 Internet Security occupies less system resources than other competitors’ solutions, thus delivering optimal endpoint protection while keeping productivity almost unaffected.
AhnLab AIPS is an Advanced Network Intrusion Prevention solution that protects customer’s business environment in response to changes in cybersecurity threats.
AhnLab AIPS (Advanced IPS) is a powerful network intrusion prevention solution that can respond to rapidly changing cyber security threats caused by digital transformations.
Security threats are rapidly changing with changes in the network environment. As the number of targets to attack increases and the method of attack varies, there are numerous variations. Along with these threats, Intrusion Prevention Solutions are also experiencing a change. Now it’s time to detect a lot of malware and defend against unknown attacks and more diverse attack elements and environments.
Based on AhnLab’s largest security threat analysis organization and infrastructure of Asia, AhnLab AIPS provides optimized network attack response signatures for network environments. While responding to the latest security threats with a variety of sophisticated detection engines and next-generation features, visibility and convenience make it easy and intuitive to identify and analyze threats.
Advanced detection engine and
sophisticated signature-based next-generation
Intrusion Prevention SystemHighly capable of detecting and responding
to threats with a variety of detection filters
and acceleration technologiesHigh-performance packet
processing system
that combines the HW and SW technologyAdopting an Open API
approach for collaboration with
a variety of security solutionsConvenient GUI
for quick and easy
threat visibilityImproved threat analysis
across multiple data and
high degrees of freedom
AhnLab AIPS detects and blocks attacks based on network, OS, web and application vulnerabilities as well as various types of network-based attacks and malwares.
AIPS provides an easy and convenient operational management environment while securely protecting customer’s business against evolving network threats. It also ensures availability of networks and services with superior performance.
- Intelligent Network Threat Detection
- · Responds to security threats across multiple paths by advanced detection engines and next-generation IPS features
- · Responds in advance to complex threats with malware detection and TMS linkage
- Easy and Convenient Operation Management
- · Easy and intuitive to view information with excellent visibility
- · Detailed analysis of threat information with a variety of statistics and flexible Drill Down
- Excellent Performance
- · Enhanced performance of detection with high-performance of HW and acceleration technologies
- · Provides fast and flexible analysis against a variety of threats by Big Data processing engines with high performance
Multiple Detection Engines for Security Threat Response
As the network environment changes, malware-based attacks are increasing along with the existed traffic-based attacks. AhnLab AIPS responds to evolving network security threats by Interworking with advanced detection engines, next-generation IPS features, and other security solutions.
- - High-performance pattern matching
- - Application Control
- - Behavioral detection (Flooding, Scanning. Etc.)
- - Blocks abnormal protocol (HTTP, DNS, SIP)
- - IP/MAC control (abnormal MAC, IP based Blacklist)
- - Encrypted traffic analysis
- - Detects and blocks C&C server access
- - IP/TCP refragmentation and prevents bypassing attacks through XFF features
- - YARA engine and signature (static analysis)
- - Malicious file extraction
- - Precious analysis through TMS
Information Visibility and Convenient GUI
AhnLab AIPS supports advanced information visibility to help users to quickly and easily recognize network conditions and analyze security threats. Custom dashboards and widgets allow administrators to organize dashboards with only the information they want. It scans threat events and generates custom statistics/analysis policies if continuous statistics and analysis are required.
Ahnlab Eps Information Sheet
Enhanced Detection/Blocking Performance
AIPS detects and prevents large traffic without service failures or packet leakage through multicore CPU and AhnLab’s optimized programming, architectures for high-speed packet processing, and PCRE acceleration technologies. It provides improved performance with AFNIC (AhnLab FPGA NIC) support.
High-performance Searching and Threat Analysis
AhnLab AIPS applies a high-performance engine focused on Big Data processing to support fast log/event scanning and flexible statistics/analysis of numerous detected events.
Big data Processing-based High-performance Engine Applied
- High-Speed Search
- - Faster than competing products
- - Only for Big Data processing
- Various Analysis
- - Supports accurate analysis of events through flexible search
- - Perfect custom statistics/report
- Resources Efficiency
- - Efficiency of memory resources
- - Storage space optimization
- - Ensures high efficiency of low specification equipment
AIPS 2000 | ||
MAX IPS Throughput (UDP) | 20G | |
CPU | 8 Core | |
RAM | 32GB | |
CFast | 8GB | |
HDD | 2TB | |
NIC Slot (Default/Max) | 2 / 4 | |
Interface | 1GC | 2 |
1GF | 2 (Max 16 ports) | |
10GF | - | |
AFNIC | - | |
Bypass | Support | |
Power | 550W Redundant |
AIPS 4000 | ||
MAX IPS Throughput (UDP) | 80G | |
CPU | 20 Core | |
RAM | 64GB | |
CFast | 8GB | |
HDD | 2TB | |
NIC Slot (Default/Max) | 4 / 6 | |
Interface | 1GC | 2 |
1GF | 4 (Max 24 ports) | |
10GF | 0 (Max 24 ports) | |
AFNIC | - | |
Bypass | Support | |
Power | 550W Redundant |
AIPS 10000 | ||
MAX IPS Throughput (UDP) | 120G | |
CPU | 28 Core | |
RAM | 64GB | |
CFast | 8GB | |
HDD | 2TB | |
NIC Slot (Default/Max) | 4 / 6 | |
Interface | 1GC | 2 |
1GF | 0 (Max 24 ports) | |
10GF | 2 (Max 24 ports) | |
AFNIC | 0 (Max 2 ports) | |
Bypass | Support | |
Power | 550W Redundant |
AhnLab EPS
Optimized Protection
for Fixed Function Systems
Advanced cyber attacks targeting critical infrastructures and organizations of high-value have increased over the past several years. AhnLab EPS provides the control and management tools you need to protect your critical infrastructures from malicious threats.
Utilizing a lightweight agent, AhnLab EPS ensures system availability of various fixed function systems, such as Industrial Control Systems (ICS), Point of Sale (POS) Terminals, KIOSKs, and ATMs.
Business continuity and advanced endpoint protection is also ensured by AhnLab EPS with AhnLab’s exclusive whitelisting technology.
[Insights] How to Ensure System Availability Read More >
In critical infrastructures, it is important to quickly detect any existing threats to ensure a seamless operation or service. But most often, frequent security updates and patches can interfere with the operation, taking up a lot of time and system resources.
AhnLab EPS provides stable operation and optimized security for various environments. Through its advanced whitelisting technology, AhnLab EPS delivers cost-effective protection while also ensuring business continuity with simple and easy management.
Ahnlab Eps Information Management System
Simple, Easy Operation and Management
- Allows simple administration and implementation
- Provides application control based on intelligent whitelisting technology
- Enables easy management by only allowing authorized applications to be executed
- Ensures operational continuity with minimal use of system resources with a lightweight
Ensures Productivity and Business Continuity
- Prevents malware-induced security breaches
- Provides system stability without requiring signature or patch updates
- Minimizes the use of system resources with a lightweight agent, thus providing optimized protection for fixed function systems
Cost Efficient
- Reduces system and data restoration costs by preventing malware damages
- Reduces time and costs required for system security and maintenance
AhnLab ICM is a centralized security monitoring and management solution that simplifies the management of multiple AhnLab EPS servers by centralizing the data received from each server.
Ahnlab Eps Information Templates
AhnLab ICM collects and visualizes the data received from multiple AhnLab EPS servers, enabling users to quickly identify and respond to security issues found in devices connected to multiple servers.
AhnLab ICM allows businesses to efficiently monitor multiple systems through an intuitive user interface. The centralized management solution also provides businesses with reporting and notification services to reduce the TCO (Total Cost of Ownership).
Key Features
- 1. Identify Risk Faster with Enhanced Visibility
- - Provides an intuitive dashboard that visualizes the status of multiple AhnLab EPS servers
- - Supports user-defined dashboard and detailed view of dashboard items
- - Enables status check/search on AhnLab EPS servers and agents connected to the server
- 2. Reduce IT Workload with Centralized Security Policy
- - Allows simple application of AhnLab EPS main policies
: Features include a search for exception list, delete all, search for disabled policies regarding malware - - Provides search for history and results regarding the delivery of AhnLab EPS policies·commands distributed by AhnLab ICM
- 3. Protect Efficiently with Simplified Security Management and Operation
- - Supports integration via EPSIC update without the migration of all servers (AhnLab EPS 2.1 or higher)
- - Provides software type/export setting to SIEM system in CEF, LEEF, Syslog format
- - Manages the latest downloads of malware scanning engines
: Engine update server path must be set to AhnLab ICM in servers higher than AhnLab EPS 2.1
Operating Environment
AhnLab ICM Web Console
Category | System Requirements |
---|---|
CPU | Intel Core i5-6500 3.2GHz 4Core or more |
Memory | 4GB or more |
Web Browser | Internet Explorer 11 ※ More dashboard items are provided if Chrome 82 is available. |
Supported Languages | Korean, English, Chinese (Simplified) |
AhnLab ICM Web Console
Category | System Requirements |
---|---|
OS | RHEL 8 |
※ Recommended hardware specifications for servers required in the installation of AhnLab ICM may vary depending on the client's environment.
AhnLab EPS is provided in both Server-Client Type (Managed Type) and Standalone Type for various environments.
Ahnlab Eps Information Template
System Requirements | |
Hardware | - CPU: IntelⓇXeonⓇProcessor E5 Family (8 or more, 3GHz or more, 8MB Cache or more) - Memory : 16GB - HDD • OS: 300GB x 2 (RAID 1) or more • DATA: 1TB or more (RAID type recommended) |
OS | RHEL 7.6(64bit) |
Console Browser | Internet Explorer 8.0 or higher |
System Requirements | |
Hardware | - CPU : Pentium 133MHz or more |
OS | * Embedded OS - Windows XP Embedded - Windows Embedded Standard 2009 - Windows Embedded Standard 7 - Windows Embedded POSReady 2009 - Windows Embedded POSReady 7 - Windows Embedded 8.1 Industry (Pro, Enterprise) |
* Client OS - Windows 2000 Professional - Windows XP (Professional) - Windows Vista (Enterprise, Ultimate) - Windows 7 (Professional, Enterprise, Ultimate) - Windows 8, 8.1 (Professional, Enterprise) - Windows 10 (Professional, Enterprise) - Windows 10 loT Enterprise | |
* Server OS - Windows 2000 (Server / Advanced Server) - Windows Server 2003 (Standard, Enterprise) - Windows Server 2008 (Standard, Enterprise) - Windows Server 2012 (Essentials, Standard) - Windows Server 2016 (Essentials, Standard) - Windows Server 2019 (Essentials, Standard) |
System Requirements | |
Hardware | - CPU : Intel Family (32/64 bit) - Memory : 1GB or more - HDD : 500MB or more |
OS | - CentOS: 3.3 ~ 8.1 - Red Hat Enterprise: 3.3 ~ 8.1 - Ubuntu 18.04 |
System Requirements | |
Hardware | - CPU : Pentium 233MHz or more - Memory : 64MB or more - HDD : 1.5GB or more |
OS | * Embedded OS - Windows Embedded Standard 2009 - Windows Embedded Standard 7 - Windows Embedded POSReady 2009 - Windows Embedded POSReady 7 - Windows Embedded 8.1 Industry (Pro, Enterprise) |
* Client OS - Windows XP SP3 (Professional) - Windows Vista (Enterprise, Ultimate) - Windows 7 (Professional, Enterprise, Ultimate) - Windows 8, 8.1 (Professional, Enterprise) - Windows 10 (Professional, Enterprise) | |
* Server OS - Windows Server 2008 (Standard, Enterprise) - Windows Server 2012 (Essentials, Standard) - Windows Server 2016 (Essentials, Standard) |