- Stops attack traffic at the perimeter
- Protecting from walk-in-worm spreading on the networks
- Network isolation in multiple StoneGate engines simultaneously
Blacklisting
Enforce network communication automatically on StoneGate IPS and Firewall engines using blacklisting. Monitor active blacklist with Management Client and add new blacklist entries directly from log events in Log Browser.
Blacklist can be used for network, IP address or TCP/UDP port number isolation and thus to prevent, e.g., worm spreading on the networks.
Blacklisting is also an effective way to "educate" users to follow the company security policy guidelines. For example, enforce Web browser or browser versions on the company networks using blacklisting. When forbidden Web browser communication is detected, it triggers a blacklisting for client address on IPS and/or Firewall engines for a few seconds. The user quickly learns what actions are causing the network communication to stall for a while.
Benefits
- Extends IPS system enforcement capabilities
- Reduces network traffic since unwanted network traffic can be blocked already at perimeter by firewall
- Early quarantine will reduce the time and resources needed for cleaning the worm-infected systems