eTrust Intrusion Detection Combines Surveillance and Alert Capabilities

eTrust Intrusion Detection represents the latest generation of Internet and Intranet protection technology. It is an unobtrusive, yet effective, network security software product that provides you with the information, alerts and controls to protect your company from external attacks and intrusions, and internal abuses. eTrust Intrusion Detection provides you with the industry’s most comprehensive solution to control the effective use of Internet technologies in a business environment. It provides this control with very sophisticated, yet easy to use, software that monitors, detects, blocks, alerts and logs specific access events and the associated data.

Automatic Pattern Detection

eTrust Intrusion Detection delivers state-of-the-art network protection by automatically detecting patterns in network traffic that indicate potential intrusions, attacks, and abuses. For example, eTrust Intrusion Detection can detect a denial-of-service attack, and take appropriate action based upon predefined policies before servers and services are impacted. eTrust Intrusion Detection represents the latest generation of enterprise network protection technology, delivering unprecedented levels of access control, user transparency, performance, flexibility, adaptability, and ease-of-use. It offers organizations an easily deployable network protection solution that can be implemented without introducing any points of failure. eTrust Intrusion Detection delivers superior benefits including:

• Efficient Administration Through Centralized Monitoring. Network administrators can monitor and control one or more stations— locally or remotely—running eTrust Intrusion Detection. By installing eTrust Intrusion Detection agents, which are controlled by a central station, on different segments of the network (local and remote), the administrator can view alerts and generate reports based on the consolidated information collected.

• Reduces Training Levels. eTrust Intrusion Detection reduces training levels and time required to manage and ensure a safe network. By doing so, eTrust Intrusion Detection helps take much of the mystery out of what’s going on within the network in terms of overall security and policy compliance. For example, it gives detailed statistical reports on the number of policy violations and where they came from.

• Remote Management. Remote users can access a station running eTrust Intrusion Detection using TCP/IP or a modem connection. Once connected, the user can view and monitor eTrust Intrusion Detection data, change rules, and create reports— depending on the permissions defined by the eTrust Intrusion Detection administrator.

• Intrusion Logging And Analysis. eTrust Intrusion Detection provides a comprehensive system for capturing information and making it available for analysis. After installing the software and designating an archive location, the user defines a rule that logs the session data in an archive. Users can then use the Browser to filter, sort, and view the archived information, and to create detailed reports.

• Complete Network Protection. By deploying eTrust Intrusion Detection to multiple locations within the enterprise, its powerful capabilities protect the entire network. This includes monitoring and responding to enterprise-wide events from a remote or centrally-located consolidation console. eTrust Intrusion Detection also includes a central event database repository, additional reports, and a distributable “see-it-all” content viewer. eTrust Intrusion Detection provides network-wide, reliable, distributed real-time network protection.

Distinctive Functionalities

Network Access Control. eTrust Intrusion Detection uses a rules base to define which users can access specific resources on the network, ensuring only authorized access to network resources.

Advanced Antivirus Engine.  A virus scanning engine detects and blocks network traffic containing computer viruses. It protects users from innocuously downloading virus-infected files. New and updated virus signatures are available from the CA website.

Comprehensive Attack Pattern Library. eTrust Intrusion Detection automatically detects attack patterns from network traffic, even while in progress. Regularly-updated attack signatures— available from the CA website—ensure that eTrust Intrusion Detection remains up-to-date.

Packet-Sniffing Technology. eTrust Intrusion Detection operates in stealth mode, remaining undetectable to attackers. Hackers are often caught unaware, as they don’t know that they are being watched.

URL Blocking. Administrators can designate URLs that users are not allowed to visit, preventing unproductive Web surfing.

Word Pattern Scanning. With eTrust Intrusion Detection, administrators can define word patterns that may indicate policy violations.

eTrust Intrusion Detection 2 Tier Management.  Enhances and secures data collection/analysis by separating collection and data/report viewing modules.

Packet-Based Rules Scripting. This is a highly accurate method of analysis, allowing the service to perform additional processing functions, invoke actions, and save the packets for future investigation. Packet Scripting also significantly reduces “False Positives” common to many IDS solutions.

Network Usage Logging. eTrust Intrusion Detection enables network administrators to track network usage by end users, applications, and more. It helps improve network policy planning and provides accurate network chargeback.