Ip Reputation - Allied Telesis AR Series Technical Manual
Feature overview and configuration guide advanced network protection
Hide thumbs
Also See for AR Series:
- Configuration (43 pages) ,
- Hardware reference manual (100 pages) ,
- Hardware reference manual (111 pages)
Table of Contents
Advertisement
Feature Overview
IP Reputation
This feature is supported from AlliedWare Plus version 5.4.5 or later.
IP Reputation uses Emerging Threats' ET Intelligence to identify and categorize IP addresses that
are known sources of spam, viruses and other malicious activity. This can improve the success of
Intrusion Prevention System (IPS) by reducing false positives. It provides an extra variable to the
prevention decision, which allows rules to be crafted to drop packets only if the reputation exceeds
a chosen threshold.
With real-time threat analysis, and regular updates to reputation lists, IP Reputation delivers
accurate and robust scoring, increasing the precision with which intrusion protection policies can be
applied.
This section describes AlliedWare Plus™ IP Reputation and its configuration. To configure this
feature, see
How IP Reputation Works
AlliedWare Plus IP Reputation uses categories, which is a grouping of criteria, to classify the nature
of a host's reputation. For example, IP addresses associated with questionable gaming sites will be
categorized as OnlineGaming.
A host may have a reputation in multiple categories. A score is rated for each IP address and the
score is used to compare to a threshold to determine the action taken upon the IP address.
The reputation of a host changes dynamically. A host may degrade its reputation due to active
engagement in unwanted activity, for example, the host launches a spam campaign. Conversely,
absence of malicious activity will result in improved reputation.
AlliedWare Plus IP Reputation provides compressive IP reputation lists through Emerging Threats
signature database (now part of Proofpoint). Emerging Threats provides an IP Reputation database
downloaded to the device. The database is updated regularly and can deliver the latest information
and scores of identified and potentially harmful IP addresses.
IP Reputation works.
C613-22104-00 REV B
"Configuring IP Reputation" on page
36.
Figure 1
shows how AlliedWare Plus
Advanced Network Protection
|
IP Reputation
Page 14
Hide quick links:
Advertisement
Table of Contents
