Trend Micro Deep Security Agent Desktop includes Deep Packet Inspection and Firewall for non-OfficeScan desktops.
The Third Brigade Deep Security Agent is a server-based software component of the Deep Security solution. The agent enables IDS/IPS, web application protection, application control, firewall, integrity monitoring and log inspection. It defends the server or virtual machine by monitoring incoming and outgoing traffic for protocol deviations, content that signals an attack, or policy violations.
The high-performance deep packet inspection engine examines all incoming and outgoing traffic, including SSL traffic, for protocol deviations, content that signals an attack, or policy violations. It can operate in detection or prevention mode to protect operating systems and enterprise application vulnerabilities. It protects web applications from application-layer attacks including SQL injection and cross-site scripting. Detailed events provide valuable information, including who attacked, when they attacked and what they attempted to exploit. Administrators can be automatically notified via alerts when an incident has occurred. Deep packet inspection is used for intrusion detection and prevention, web application protection, and application control.
The Third Brigade Deep Security Firewall software module is enterprise-grade, bi-directional, and stateful. It can be used to allow communications over ports and protocols necessary for correct server operation and block all other ports and protocols reducing the risk against unauthorized access to the server.
DEEP PACKET INSPECTION FEATURES:
Web application protection
Third Brigade Deep Security enables compliance with PCI Requirement for the protection of web applications and the data that they process. Web application protection rules defend against SQL injections attacks, cross-site scripting attacks and other web application vulnerabilities, and shield these vulnerabilities until code fixes can be completed.
Application control rules provide increased visibility into, or control over, the applications that are accessing the network. These rules can also be used to identify malicious software accessing the network, or to reduce the vulnerability exposure of your servers.
Virtual machine isolation
It allows VMs to be isolated in cloud computing or multi-tenant virtual environments, providing virtual segmentation without the need to modify virtual switch configurations.
Firewall rules can filter traffic on: IP addresses, Mac addresses, ports, different policies for each network interface can be configured.
Coverage of all IP-based protocols
Support for full packet capturing simplifies troubleshooting and provides valuable insight into understanding raised firewall events.
Detect reconnaissance activities such as port scan. Non-IP traffic such as ARP traffic can also be restricted.
The stateful firewall is flexible, allowing complete bypass of inspection, when appropriate, in a controlled manner. It addresses ambiguous traffic characteristics that can be encountered on any network, due to normal conditions, or as part of an attack.
Predefined firewall profiles
Group common enterprise server types ensuring rapid, easy, consistent deployment of firewall policy, even in large, complex networks.
With detailed logging, alerting, dashboards, and flexible reporting, Deep Security Firewall configuration changes is captured and tracked providing a detailed audit trail.
This product can only be sold to College Students, Accredited Educational Institutions, Administrative Offices & Boards of Education, Public Libraries, and Public Museums. Students are limited to 1 copy of each product per calendar year. Students must supply either a clear copy of their student ID or a enrollment verification letter from the registrar's office, via FAX or e-mail(.jpg). Institutions must supply a signed purchase order. We cannot ship academic orders unless we receive valid credentials. Please click here for instructions.