Threat protection, that device can detect and block network threats occur. By configuring the threat protection function, Hillstone device can defense network attacks, and reduce losses caused by internal network.
Threat protection includes:
Hillstone device supports threat protection configurations based on security zones and policies. If a security zone is configured with the threat protection function, the system will perform detection on the traffic that is destined to the binding zone specified in the rule, and then do according to what you specified. If a policy rule is configured with the threat protection function, the system will perform detection on the traffic that is destined to the policy rule you specified, and then response. The threat protection configurations in a policy rule is superior to that in a zone rule if specified at the same time, and the threat protection configurations in a destination zone is superior to that in a source zone if specified at the same time.
Hillstone device supports license-controlled threat protection, i.e., the function will not work unless the license has been installed.
Threat protection signature database includes a variety of attack signatures, virus signatures, malicious URL signatures, Trojans signatures, etc. By default system updates the threat protection signature database everyday automatically. You can change the update configuration as needed. Hillstone devices provide two default update servers: update1.hillstonenet.com and update2.hillstonenet.com. Hillstone device supports auto update and local update.
According to the severity, signatures can be divided into three security levels: critical, warning and informational. Each level is described as follows:
Related Topics: