Server Protection

RealSecure Server Sensor provides automated, real-time intrusion protection and detection by analysing events, host logs, and inbound and outbound network activity on critical enterprise servers to block malicious activity from damaging critical assets. Server Sensor applies built-in signatures and sophisticated protocol analysis with behavioural pattern sets and automated event correlation to prevent both known and unknown attacks. Server Sensor dramatically reduces network security costs while protecting enterprise server environments and reducing down time.

Features & Benefits:

Server Protection
Protects the underlying operating system by preventing attackers from exploiting operating system and application vulnerabilities.

Web Application Protection
Provides Secure Sockets Layer (SSL) encrypted application layer intrusion monitoring, analysis and response capability for both Apache and IIS web servers.

Advanced Intrusion Prevention/Blocking
Monitors all traffic to and from the server or network to detect and prevent inbound attacks as well as block new and unknown outbound attacks such as buffer overflows, Trojans, brute force attacks, unauthorised access and network worms.

Console and Network-Based Intrusion Protection
Provides the flexibility to detect and prevent both console and network-based attacks through log monitoring capabilities that detect malicious activity before it causes any damage.

Broad Platform Coverage
Provides organisations with the flexibility to grow their server protection strategy regardless of the environment> Windows, Solaris, HP-UX, AIX

Windows Server 2003 and Windows 2000 Server Certified
This rigorous test is endorsed for business-critical applications by analysts and enterprise customers alike because it verifies features and functionality that makes applications more robust and manageable.

Server Sensor is certified on the following platforms by VeriTest, the authorised worldwide lab, to test enterprise applications for Microsoft's "Certified for Windows" program:

Windows Server 2003 Standard Edition Windows Server 2003 Enterprise Edition Windows Server 2003 Datacenter Edition Windows 2000 Server Windows 2000 Advanced Server Windows 2000 Datacenter Server

Audit Policy Management
Centralised management of operating system audit policy ensures that all critical servers have consistent and effective audit policy and allows for the management of true kernel-level auditing.

SiteProtector Centralised Management
Customers can control, monitor and analyse their security protection systems from one central site with a minimum of staff and operational costs. This integrated system enables monitoring of intrusion activity, vulnerability assessment, event prioritisation and correlation of ongoing security activity, as well as multi-site management capabilities. No other solution provides the real-time end-to-end visibility into and across the enterprise-wide security program while capitalising on resource investments.

Advanced Event Correlation and Analysis
Provides built-in X-Force security knowledge to dynamically escalate threatening security incidents and reduce false alarms. The module instantly correlates security data from multiple sources to escalate serious threats, such as an attack on a vulnerable asset or a covert, multi-step attack.

Backed by the X-Force
X-Force is the most respected Internet security research group in the industry, having researched and identified security issues in products from Cisco, Microsoft, IBM, Sun, Hewlett-Packard, Oracle, Peoplesoft, BMC, Polycom, Apache and many more. This cutting-edge research team actively turns security research into product improvements, allowing ISS' customers to respond far more rapidly to evolving threats.