Intrusion Detection and Prevention System (IDS/IPS)

Intrusion Detection and Prevention in UserGate Solutions

UserGate employs an intrusion detection system of its own design, developed in-house without the use of open source, as part of its next-generation firewall.

All applied IDPS signatures are developed and verified by the UserGate Monitoring and Response Center (MRC-UG) in-house team of analysts. To date, the center's analysts have developed more than 6,000 signatures, and their number is increasing every day. When developing rules, information from various computer incident response centers is also used.

Working with Mirror Traffic from SPAN Port on the Switch

UserGate can be used in both monitoring and blocking modes (IDS and IPS, respectively). It protects the network by detecting signs of attacks in incoming and outgoing traffic that use certain known vulnerabilities or perform malicious activity. For example, it recognizes signs of botnet protocols, virus signatures, and so on, as well as user actions that violate the company's corporate policy (for example, the use of torrents). Heuristic algorithms identify new or modified attack methods, increasing the level of security.

Working with Transit Traffic in L3 or L2/L3 Bridge Modes

About the UserGate Monitoring and Response Center (MRC-UG)

The UserGate Monitoring and Response Center is a team of information security specialists who research network threats. The center's staff regularly monitor the emergence of new threats and analyze the methods intruders use to penetrate corporate networks. The team draws on numerous open sources as well as data from various paid subscriptions, vulnerability databases, and technology partnerships with other companies. In addition, the center operates its own traps (honeypots), which are used to study actual illegal activity on the Internet. Based on this experience, gathered both from incident investigations and from studying external materials, the center's specialists develop new signatures of hacker attacks and update existing ones.

The Monitoring and Response Center keeps users of UserGate solutions equipped with the most up-to-date and effective protection. If necessary, MRC-UG specialists are ready to help solve problems at the client's site.

UserGate creates its own signatures based on:

  • Malicious traffic samples
  • Public proofs of concept for vulnerabilities
  • Information from various CERTs
  • Analysis of collected IoCs

UserGate C150

The next-generation firewall UserGate C150 is used to ensure the security of corporate networks of any scale. The hardware and software system is the optimal solution for protection against cyberthreats for small and medium-sized businesses, as well as for organizations with multiple branches.

UserGate C150 is a part of the UserGate SUMMA cybersecurity product ecosystem.

For small businesses, branch offices, POS-systems, schools, Wi-Fi hotspots

Networks of all sizes should be protected from external attacks and viruses, as well as a wide range of other modern cyber threats. UserGate is a compact and straightforward network device for small organizations and branch offices, equally suited to safeguarding networks ranging from a few dozen users to a hundred or more.

For large enterprise networks and telecom providers

Corporate network security must be maintained through a high-performance platform that has a good safety factor and the potential for scaling up. UserGate E is a full-fledged network server solution capable of resolving security issues related to all types of online threats in networks with a thousand users or more.

For large enterprise networks and data centers

For large corporate networks and data centers, it is critical to use reliable network solutions that provide high availability, fail-safe redundancy, scalability, and flexibility when it comes to integrating them with your network infrastructure. UserGate F combines all the security features you need with the capabilities necessary for functioning with maximum stability under an extremely high load.

For outdoor industrial and transport objects

In the modern world, it is not only office computers that connect to the Internet and various networks, but also numerous devices that manage road, transport, industrial, and other infrastructures. The security of such facilities is extremely important, but standard means of protection are not always effective due to extreme operating conditions.

Virtual Firewall

For organizations that prefer a virtual platform

UserGate can be deployed on the customer's virtual infrastructure. All hypervisors are supported, including VMware, Hyper-V, Xen, KVM, OpenStack, and VirtualBox. The functionality of our virtual solution is completely equivalent to that of the UserGate hardware system.

For large enterprise networks and telecom providers

The UserGate Log Analyzer collects and performs the initial processing of data from UserGate firewalls. The product is deployed separately from UserGate Security Gateway and is a full-fledged network server solution capable of protecting against all kinds of Internet threats on networks with up to a thousand or more users.

For large enterprise networks and data centers

UserGate Log Analyzer F25 is intended for use at major companies and data centers. This hardware and software system has great information storage capabilities and allows data received from UserGate servers to be processed as quickly as possible.

Virtual Firewall

For organizations that prefer a virtual platform

Virtual UserGate Log Analyzer can be deployed on the customer's virtual infrastructure. All hypervisors are supported, including VMware, Hyper-V, Xen, KVM, OpenStack, and VirtualBox. The functionality of our virtual solution is completely equivalent to that of the UserGate hardware system.
