The abnormal traffic monitoring and protection system is deployed in the backbone network of operators, the IP core network of provincial exports and IDC exports. It has the ability to detect, restore samples, analyze, handle and protect abnormal traffic such as botnets, trojans, worms, and can effectively maintain public Internet security.
Implement effective detection and protection against denial of service, buffer overflow, malicious scanning, Trojan backdoors, virus worms, zombie networks, cross-site scripting, SQL injection, WEB attacks, and network layer attacks, and generate real-time reports when security monitoring events happen; It achieve real time visualization of the threat situation across the entire network.
It supports multi dimensional dynamic feature anomaly detection engine, real-time storage and tracing of malicious files and attack data, visualization analysis of threat situations, and suspected threat behavior association analysis.