Table of Contents
Advertisement
18 Introduction
About the Symantec Network Security foundation
of protocol anomaly detection, stateful signatures, event refinement, traffic
rate monitoring, IDS evasion handling, flow policy violation, IP
fragmentation reassembly, and user-defined signatures.
Zero-Day Attack Detection: Symantec Network Security's protocol anomaly
■
detection helps detect previously unknown and new attacks as they occur.
This capability, dubbed "zero-day" detection, closes the window of
vulnerability inherent in signature-based systems that leave networks
exposed until signatures are published.
Symantec SecurityUpdates with LiveUpdate: Symantec Network Security
■
now includes LiveUpdate, allowing users to automated the download and
deployment of regular and rapid response SecurityUpdates from Symantec
Security Response, the world's leading Internet security research and
support organization. Symantec Security Response provides top-tier
security protection and the latest security context information, including
exploit and vulnerability information, event descriptions, and event
refinement rules to protect against ever-increasing threats.
Real-Time Event Correlation and Analysis: Symantec Network Security's
■
correlation and analysis engine filters out redundant data and analyzes only
the relevant information, providing threat awareness without data overload.
Symantec Network Security gathers intelligence across the enterprise using
cross-node analysis to quickly spot trends and identify related events and
incidents as they happen. In addition, new user-configurable correlation
rules enable users to tune correlation performance to meet the needs of
their own organization and environment.
Full packet capture, session playback and flow querying capabilities:
■
Symantec Network Security can be configured on a per-interface basis to
capture the entire packet when an attack is detected so that you can quickly
determine if the offending packet is a benign event that can be filtered or
flagged for further investigation. Automated response actions can initiate
traffic recording and flow exports, and you can query existing or saved flows
as well as playback saved sessions to further assist in drill-down analysis of
a security event.
Proactive Response Rules: Contains and controls the attack in real-time and
■
initiates other actions required for incident response. Customized policies
provide immediate response to intrusions or denial-of-service attacks based
on the type and the location of the event within the network. Symantec
Network Security implements session termination, traffic recording and
playback, flow export and query, TrackBack, and custom responses to be
combined with email and SNMP notifications to protect an enterprise's most
critical assets.
Advertisement
Table of Contents
Related Manuals for Symantec 10521146 - Network Security 7120
Related Products for Symantec 10521146 - Network Security 7120
- Symantec 10521148 - Network Security 7161
- Symantec 16-00-00091 - FNC XGRD FW VPN 200
- Symantec 10268947 - Network Security 7160
- Symantec 10744983 - Mail Security 8320
- Symantec 100
- Symantec 10024200 - 50PK SYM ANTIVIRUS 8.0
- Symantec 10097944 - 10PK NORTON ANTIVIRUS 2004
- Symantec 10460591 - Mail Security 5.0
- Symantec 10067161 - 10PK NORTON ANTIVIRUS
- Symantec 10288239 - ACAD NORTON ANTISPAM 2005
- Symantec 10099585 - 10PK NORTON ANTISPAM 2004
- Symantec 10514879 - Norton Confidential
- Symantec 10547829 - Mail Security For Smtp 5.0 Smb
- Symantec 10547849 - Mail Security For SMTP
- Symantec 10551441 - AntiVirus Corporate Edition
- Symantec 10765539 - Mail Security For SMTP