Intrusion Detection and Prevention

IDPS and LucidView’s MikroTik Enforcer

It goes without saying that as we live and transact more and more online, so too do the risks against us build. Intruders or hackers are constantly finding new ways to commit cyber crimes against our networks and users. Detecting and preventing these has never been more important than it is now.

Behaviour Based IDPS vs Traditional Anti-Virus

Traditional anti-virus keeps a database of known malware signatures; when one appears, it scans its signature and blocks it. Much like a criminal whose fingerprint is already in the police's database, when a crime is committed, the fingerprint is compared and the criminal identified.

This system relies on information already known.

Behaviour based IDPS is simply more effective and proactive.

It's more like a profiler than a fingerprint and can find suspicious network behaviour before it has time to wreak havoc.

We believe that everyone is entitled to secure and affordable connectivity.

Combining the LucidView Reporting Engine with the LucidView Content Filter, we can provide you with clear oversight into anomalous connections. Upgrading to a LucidView Enforcer Pro Account will provide access to our AI that kills off suspicious connections.

 

Comprehensive Detection and Protection with the LucidView MikroTik Enforcer

LucidView specialises in behaviour based intrusion detection and prevention. We look at how the traffic behaves on your network, and identify and eliminate any anomalies. We have specific techniques for identifying various types of malware and ransomware.

The advantage of behaviour based IDPS vs. traditional signature based IDPS is that only with behaviour based IDPS is it possible to stop a zero day attack. Signature based IDPS will not yet have the signature in their databases and will therefore be unable to prevent this attack until it's too late.

Behaviour based IDPS is a proactive security measure while signature based IDPS is largely reactive, as it is only able to respond if the signature of the threat is already in its database.

With LucidView Enforcer each and every connection that comes into or leaves your network is analysed and categorised. Equally important, the Enforcer examines traffic patterns, looking for anything out of the ordinary. Any traffic and/or connections behaving oddly are immediately added to the “Suspicious” category and blocked.

In other words, the LucidView MikroTik Enforcer provides you or your client with an advanced intrusion detection system and then an intrusion prevention system. The combination of these two solutions is a complete IDPS solution.

Thus, the LucidView MikroTik Enforcer can both identify intrusion attempts and put an end to them quickly, providing you with Intrusion Prevention as well.

 

Reporting on Intrusion Attempts

Reports on intrusion attempts averted can be pulled via the dashboard data analysis tool, or scheduled reports can be sent out.

Intrusion Detection

The charts in this example provide an illustration of how the LucidView Enforcer examines and analyses each connection coming into and leaving your network.

Using our own AI and combining it with the MikroTik RouterOS, we have created the LucidView Enforcer. The Enforcer effectively assesses, in real time, when a connection is behaving “suspiciously”. If it is, the Enforcer automatically puts that URL into the “suspect” category in our Content Filter.

Using the tools provided by our Content Filter, these connections are killed off upon identification, offering extremely effective Intrusion Detection (IDS) and proactive protection (IDPS) for all MikroTik based customers.

Intrusion Detection Dashboard
Overview of Intrusion Detection, attempts to access or plant malware on your network and Intrusion that was eliminated by the Enforcer

LucidView’s approach to IDS

The LucidView Enforcer has a behavioural approach to Intrusion Detection. This includes inspecting the traffic for patterns and connections that are considered anomalous. LucidView then does not simply identify the intrusion attempt once spotted, but eliminates it as soon as it is identified.

Traditional IDS

Traditional IDS solutions look for intrusion attempts by analysing traffic patterns and anomalies.  Once they have found a pattern that could represent malware based on its signature, administrators of the systems should be able to see and thus act on this information.

LucidView Enforcer’s Approach to IDS

LucidView’s approach differs in a few ways. We assess each and every connection and watch how it behaves, where it comes from, and how it got there. Based on this, we define it as suspicious or safe in real time.

Furthermore, LucidView then eliminates all suspicious connections, traffic and anomalies.

The administrator or end-user, depending on how you choose to use the solution, receives a report on all potential malware and cyber threats that were killed off using the LucidView MikroTik Enforcer (or whatever you call your product).

In short, the LucidView MikroTik Enforcer offers an Intrusion Detection Solution (IDS) combined with an Intrusion Prevention Solution (IDPS).

Common Cyber Threats we protect against

Securing your network from hackers, malware and ransomware.

The more dependent we become on the Internet, the more threats we are faced with.  

These threats are commonly known as:

  • Malware (noun)

    software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

  • Ransomware (noun; also: ransom-ware)

    a type of malicious software designed to block access to a computer system until a sum of money is paid.
    “although ransomware is usually aimed at individuals, it’s only a matter of time before business is targeted as well”

  • Hackers (plural noun)

    1. a person who uses computers to gain unauthorized access to data.
       INFORMAL: an enthusiastic and skilful computer programmer or user.
    2. a person or thing that hacks or cuts roughly.

Definitions provided by www.dictionary.com.