Products
  Solution to network security
  IPS
  NaviStar
  PatrolStar
  





   Products  »  IPS
IPS
Multiple Functioning Prevention Systems
The NetKeeper 3000 IPS device from BroadWeb Corp. is capable of providing a total protection mechanism against intruders, hackers, and the rapid emergence of new vulnerabilities. The NetKeeper 3000 encapsulates the world’s most technologically advanced, best-of-breed IPS solutions to satisfy all of the business entities, educational facilities and governmental agencies. This powerful intrusion prevention system, with intelligent and “pro-active” blocking and filtering against the most ubiquitous cyber attacks, is dedicated to manage HTTP worms, DoS/DDoS attacks, protocol and traffic anomalies, IP spoofing, SYN Flooding attacks in real-time. Its feature-rich functionalities may well improve the productivity of employees and also increase the effectiveness of bandwidth usage within a corporation.
Deep packet Inspection

Based on the fact that traditional firewalls are incapable of inspecting packet contents above layer 4 on a standard OSI structure, intruders and malicious activities attempting to cripple any given business operations can be accomplished fairly easily. Between the increasing scale of assaults by hackers and the ever growing rate of vulnerabilities, firewalls are simply unable to maintain the sophisticated level of protection while allowing legitimate business operations to be transmitted unhindered.

Equipped with Deep Packet Inspection, the NetKeeper 3000 is capable of providing any business networking infrastructures with completed protection against both network-level and application-level attacks. Completed protection requires that 100% of legitimate transactions to reach their destination with no discernable impact on network latency even when under severe attack.

Multi-detection Technique

The NetKeeper 3000 incorporates multi-detection technique which is composed of mainly: advanced network anomaly behavior analysis, anomaly packet analysis and multi-detection matching techniques for the purpose of verification on attacking signatures. Based on this impeccably advanced technology, the NetKeeper 3000 is able to ensure multiple layers of security even under heavy attacks

Real-time Detection / Destruction at the Boundary

The NetKeeper 3000 accurately detects any type of network intrusions by actively blocking malicious codes even before they penetrate into enterprise network system, thus the goal of real-time intrusion detection and prevention is achieved pro-actively.

Real-time Response to the Attack

The NetKeeper 3000 actively secures the Intranet. According to different security policies, it blocks and drops any illegal connection encountered, reacts to the attack, and informs the network administrator through all possible ways that’s being implemented in order to elaborate effective processes of protection.

Logs and Analyzes All Intrusion Events Completely

NetKeeper logs detailed attack events and proceeds to intercept the packets based upon the pre-set security policies. These network security event logs allow the network administrators to trace attack sources, targets IP addresses, connection ports and communication protocols.

BEMS (BroadWeb Extensible Management System)

BEMS(BroadWeb Extensible Management System) is a Java-based central management program that is designed to manage multiple NetKeeper appliances at the same time. Integrating with Plugins, BEMS provides user-friendly interface to monitor the real-time network traffics, real-time security-events, and allow users to modify policies and even define their own policies.

Easy-to-use and Query-on-demand Reporting

BEMS also makes it easy to manage tasks of report inquiries, such as top-30 intrusion events, attackers, and victims. All of the daily, weekly and regular reports can be printed and sent out in the CVS or HTML formats. In addition, users can use standard SQL commands to generate their own special query reports.

Powered by BSST (Broadweb Security Service Team)

BSST (BroadWeb Security Service Team) teams up with a group of network security experts to provide continuous security update for NetKeeper. They are committed to study the latest hacking exploits and vulnerability reports over Internet communities. With this knowledge they define the latest defensive policies and provide clients the continuous security. BSST will provide continuous security update for NetKeeper, publishing weekly security alerts, network security consultation and technical supports.
NetKeeper software specification

﹡Real-time analysis of network traffic to detect malicious codes and attacks                                                      

﹡Supports multiple modes of network operation                      

  • In-Line                                                  
  • Tap                                                     
  • SPAN                                                      
  • Monitor
  • Bypass                                                   

﹡Contains more than 1,750 above signatures, including 

  • Anti-DoS / DDoS                                         
  • Anti-P2P                                               
  • Anti-Instant Messenger                                    
  • Anti-Virus / Worms
  • Anti-Porn
  • Anti-Web Post

﹡IDP engine throughput:200Mbps
﹡Highly Secure Embedded Real-tine OS

  • Supports Stealth mode
  • Supports SNMP v2
  • Supports 802.1Q VLAN tagging

﹡Multiple-detecting engine that combines Misuse and Anomaly Detection technologies
﹡Detects anomaly behaviors using multiple detection methods, including protocol and traffic anomaly detections
﹡Actively detect and block IP/TCP/UDP packet with malicious intrusions and ensure normal network accesses
﹡Configurable threshold parameters to fit into different network environment
﹡User-Defined attack patterns, signatures and defense actions for

  • Layer 7 Access Control List
  • Keyword / Phrase Filtering
  • URL Filtering
  • Application Filtering

﹡Real-time alert system, can inform the administrator through Console, E-mail, SNMP
﹡Auto signature update
﹡Auto kernel upgrade
﹡Robust encrypted remote management interface
﹡configurable software-based bypass function

 NetKeeper hardware specification 

﹡Three 10 / 100Based-Tx FastEthernet interfaces
﹡9-pin RS-232 serial port (Console)
﹡Power supply: AC Line 90-264VAC, 50-60HZ 1A MAX
﹡Built-in Fail Open Hardware Bypass  
﹡Dimension: Standard 19 inches 1U Chassis,445mm(Length)×265mm(Width)×45mm(Height)

BroadWeb Extensible Management System 
Hardware Requirement

  Minimum 

    Recommended

CPU

P4-2.0GHz

P4-2.8GHz or above

Memory

512MB

1GMb or above

Hard Drive

40G HD free space

60GB HD free space or above

OS

Windows XP Professional

﹡Java-based Web GUI
﹡Centralized Management to control multiple NetKeeper appliances simultaneously
﹡3-tier remote management architecture
﹡Real-time attacks and traffic monitoring/analysis in graphic/text mode
﹡Rule-based policy management
﹡Links between attack events and policies
﹡Policies defined by IP and groups
﹡User defined policies
﹡User defined report, supports SQL command
﹡Schedule report sent by E-mail or FTP
﹡Attack event log down to content level
﹡Auto kernel/signature update
﹡Supports Syslog
﹡Real-time alert system, can inform the administrator through Console,
﹡Export report to CSV and HTML format
NetKeeper VS. Firewall / Anti-Virus / IDS

NetKeeper can block

  • Buffer Overflow Attack
  • Port Scan Attack
  • Trojan Horse Attack
  • IP Fragmentation Attack
  • Virus/Worm Attack
  • System & Application Vulnerabilities Attack
  • DoS / DDoS Attack
  • P2P, IM, Web Post, Porn Web etc.
Add:A608,Shenzhen Academy of Aerospace Technology The Tenth Kejinan Road,High-tech Zone,Nanshan Dist.,Shenzhen,P.R.China
TEL:86-0755-26428519、26429178 FAX:86-0755-86036769、88317687
Copyright (c) 2009 Shenzhen Condex Technologies Co.,Ltd.