Intrusion Detection and Prevention System

It defends against various attack threats in the network and protects customer network IT service resources in real time.

Intrusion Detection and Prevention System Overview

Topsec Intrusion Detection and Prevention System (TopIDP) integrates ten functions (attack detection, web security detection, DDoS detection, weak password detection, brute force detection, zombie detection, illegal outreach detection, malicious program detection, APT detection, and threat intelligence) for all-round detection of and in-depth defense against network threats. TopIDP has six libraries: the attack detection rule library, application identification library, geographic information library, zombie rule library, threat intelligence library, and URL classification library. These libraries are professional, authoritative, rich, and multi-dimensional, making the product more accurate and rapid in threat defense. In today's complex network attack environment, TopIDP's comprehensive and deep threat defense capabilities can continuously combat the security threats that are constantly emerging.

Advantages
Precise positioning of zombies

TopIDP supports defense against zombie behavior such as botnets, Trojan control, worms, mining, extortion, mobile Trojan horse control, and APT, and supports detection of illegal server outreach and covert tunnel communication. With rich, multi-dimensional detection methods and detailed, comprehensive log records, TopIDP can effectively prevent the harm caused by zombies.

Smooth upgrade and seamless full inspection

TopIDP has an authoritative attack rule library, which is updated weekly. In an emergency, the rule library can be upgraded and security incidents responded to as soon as possible. Security policy detection continues without interruption during a rule library upgrade, achieving "smooth upgrade and seamless detection".

Independent and reliable threat intelligence

TopIDP embeds the threat intelligence library locally, so it can provide threat intelligence capability independently, without linkage to a third-party threat intelligence platform. The threat intelligence is abundant and covers various types, such as malicious IP addresses, URLs, domain names, and files. TopIDP's professional team continuously mines, researches, and tracks the latest intelligence to ensure reliable sources of threat intelligence.

Comprehensive and accurate attack & defense

TopIDP has all-round and in-depth attack and defense capabilities, and can accurately detect and block various network attacks, including overflow attacks, code execution, injection attacks, XSS attacks, industrial control vulnerability attacks, and IoT vulnerability attacks. TopIDP also has anti-evasion detection capability, which can stop evasion behavior at the root.

Application
Flexible Deployment

TopIDP is usually deployed inline at the network boundary to detect and block, in real time, intrusions from the external network into the internal network. In a complex and volatile network environment, enterprises need targeted, focused protection for specific business systems, and also need to regulate the network behavior of office area terminals to stop attacks from spreading on the internal network, so as to protect the entire network comprehensively. To cope with complex environmental requirements, TopIDP offers a variety of deployment methods that do not require changes to the customer's network structure, and supports modes such as transparent, routing, and bypass.

Issues Resolved
  • Enhances the overall defense effectiveness of network security and effectively defends against various types of network attacks, including new types of attacks.
  • Resolves the issue of insufficient professional security analysis capabilities of O&M personnel.
Value to Customer
Professional attack and defense engine

The system provides comprehensive and deep attack and defense capabilities, which can continuously combat the various security threats that are constantly emerging.

Complete IPv4/IPv6 protocol stack

The system is compatible with both IPv4 and IPv6 and can identify attacks carried in IPv4/IPv6 packets, effectively adapting to the growing adoption of IPv6 on today's networks.

Fulfilling diverse compliance needs

The system helps customers meet the requirements of classified protection, hierarchical protection, and related industry regulations, and enhances their compliance capabilities.

Fine-grained metadata extraction

The system provides a comprehensive traffic audit function that records metadata about network communications in detail, providing a strong multi-dimensional basis for comprehensive security situation analysis.

Rich security log display

The system performs multi-dimensional statistical analysis of security incidents, giving an intuitive view of the complex threat situation in the network information system.

Flexible device linkage capabilities

The system provides firewall linkage, advanced threat detection system (all-around sandbox) linkage, and centralized management linkage functions to protect users' network security in all aspects.