SECURE INTERNET

Security and IPS 

LucidView specialises in behaviour based Intrusion Prevention System (IPS) combined with Intrusion Detection System.  Our Secure Internet Module is a formidable security tool designed with malicious malware and ransomeware attacks in mind.  This Module examines all traffic connections entering and leaving your network and identifies anything that is anomalous.  Once identified, the anomalous connection is killed off, preventing hackers from gaining push or pull remote access to your network. 

 

build your enforcer
IDS & IPS solution protecting against suspicious connections

Behaviour based IDS & IPS with LucidView

LucidView specialises in behaviour based intrusion detection and prevention.  Our IPS module examines all traffic connections, at how the traffic behaves on your network, identifying and eliminating any anomalies.  Each and every connection that comes into or leaves your Network is analysed and categorised.

Behaviour based IPS is proactive. The Enforcer examines traffic patterns, looking for anything out of the ordinary.  Any traffic and/or connections behaving oddly are immediately added to the “Security Risk” category and blocked.

 

Pull and Push Remote Protection

Pull Remote Protection – These are attempted attacks into your network by a remote hacker trying to gain access to your network,  The LucidView Enforcer identifies these connections and eliminates them before they are able to infect the network or give a remote hacker control over the network.

Push Remote Protection – This refers to remote hackers that gain access via users from within the network, this can happen via a VPN, apps like WhatsApp, Telegram and even email.  The user inadvertently allow the hacker to push a remote connection into your network.  The LucidView Enfrorcer identifies these push remote connections and eliminates them.

The IPS module takes  a variety of factors into consideration when protecting your network from unauthorised remote access, known malware and other security risks.  Any good IPS solution is going to have false positives from time to time.  Services such as VOIP servers and VPNs that have no DNS entries may be flagged as a security risk.  These IP addresses can be added to whitelists in your LucidView MikroTik Portal so that they be ignored by the IPS module. 

Example of Identifying Security Risk

The charts in this example provide an illustration of how the LucidView Enforcer examines and an analyses each connection coming into and leaving your network.

Using our own A.I. we have created the LucidView Enforcer. The Enforcer effectively assesses, in real time, when a connection is behaving “suspiciously”.  If it is, the Enforcer automatically puts into the IPS Module. Thereby, blocking it and eliminating the threat to your network.

The LucidView IPS module identifies suspicious connections and immediately kills them off upon identification.  Offering an extremely effective Intrusion Detection (IDS) and proactive Intrusion Prevention (IPS) for all customers.

Intrusion Detection Dashboard

How the IPS Security Module works

This is a detailed presentation of LucidView’s behaviour based IPS Security solution presented at the MikroTik Users Conference in February 2020.

Do you provide an Intrusion Prevention System (IPS) for MikroTik RouterOS?

Yes. LucidView specialises in behaviour based Intrusion Prevention System (IPS) combined with Intrusion Detection System. Thus creating a proactive solution for MikroTik RouterOS. Our IPS module is a formidable security tool that will detect suspicious connections or suspicious activity on your internet network. The LucidView Secure Internet Module will then immediately make sure the connection is eliminated.

What is Ransomware in simple terms?

Ransomeware is a type of malware that employs encryption. Then the hacker threatens to display the victim’s personal private data or basically deny/block access to it. A ransom must be paid to the hacker for the victim to gain access and control over data again.