A device used to monitor network traffic for signs of malicious activity. Uses:
- Signature detection
- Anomaly detection
- Behavioral analysis
Features
Real-Time Traffic Analysis
Can continuously analyze traffic for anomalous behaviors and take immediate actions to block devices.
Blocking Threats
Can block an IP or drop all packets from a device
Policy Enforcement
Ensures security policies and rules defined by administrators complies with security guidelines.
Alerts and Reporting
Can generate reports and alert IR