Top Layer Network Protection Tool Features IP "Shunning"

Latest release of IPS 5500 E-Series lets users block IP addresses associated with an attack

Top Layer Security recently released version 5.2 of its IPS 5500 E-Series, the company's network intrusion prevention product. The latest version now features real-time "shunning" -- the ability to reject specific IP addresses that are suspected to be the source of an attack or are somehow related to an attack.

The new shunning feature lets users analyze specific attack evens and automatically block traffic from all associated IP addresses. Users have the option of setting these blocks permanently, or letting them expire after a certain amount of time. They can also manually "unshun" specific IP addresses if they're later deemed safe.

Related to this shunning feature is the product's Security Event Viewer which lets users quickly view groups of IP addresses that are related to an attack.

Other features include a new dashboard that lets users quickly switch from "quiet-time monitoring" mode to "under siege" mode, as well as enhanced protection for routers (users can export a list of shunned IP addresses to a router for blocking).

"The number and variety of botnet-initiated attacks on organizations continue to grow," said Top Layer CTO Mike Paquette in a prepared statement. "The new shunning capabilities in our IPS 5500 E-Series provide powerful attack defense and active, detailed incident monitoring, ensuring that as these attacks grow in size, organizations' network performance and Internet operations will not be compromised."

The IPS 5500 E-Series version 5.2 is now available free of charge for customers with current support contracts. For more information, go to http://www.toplayer.com.

About the Author

Gladys Rama is the senior site producer for Redmondmag.com, RCPmag.com and MCPmag.com.