Topsec Intrusion Detection System

Accurate Threat Identification & Comprehensive Risk Audit Through Bypass Traffic Monitoring.

Product Overview

The Topsec Intrusion Detection System (TopSentry) is a bypass network traffic monitoring solution. It integrates ten core detection capabilities—including attack detection, web security, DDoS detection, weak password identification, brute-force cracking detection, botnet (zombie host) detection, unauthorized external connection monitoring, malware detection, APT detection, and threat intelligence—into a unified platform, achieving comprehensive, in-depth detection of network threats.

Backed by a professional, authoritative, and multidimensional knowledge base, TopSentry enables accurate and rapid threat identification, providing users with a holistic and robust network security protection solution.

Advantages
Accurate Botnet (Zombie Host) Detection

It detects a wide range of botnet-related activities including botnets, Trojan command-and-control (C&C), worms, and cryptomining. The system can uncover botnets by analyzing abnormal communications with control hosts, monitor unauthorized server external connections and covert tunnels, and supports evidence collection and event logging of these anomalous behaviors.

Combining multidimensional detection methods with detailed, comprehensive log recording, TopSentry enables rapid and effective botnet host identification, minimizing the associated risks.

Independent and Reliable Threat Intelligence

TopSentry features a locally embedded threat intelligence library, providing standalone and reliable threat intelligence capabilities without reliance on third-party platforms. The library contains over 8 million highly reliable intelligence entries across diverse types such as malicious IPs, URLs, domains, and file hashes.

This capability significantly enhances threat detection efficiency, helps enterprises gain a comprehensive understanding of the threats facing their network information systems, and provides a robust reference for threat analysis.

Seamless Updates with Uninterrupted Inspection

Topsec maintains a professional security research lab and an independently developed rule library. During rule library updates, the system seamlessly switches to a backup library for continuous threat monitoring. Once the update is complete, it automatically transitions to the new library.

This process ensures no interruption, delay, or perceptible impact on the customer's network operations, achieving truly seamless detection capability throughout the upgrade cycle.

Comprehensive & Accurate Attack Detection

TopSentry integrates multiple detection functions—including attack, web security, DDoS, weak password, and brute-force cracking detection—to deliver comprehensive, in-depth threat analysis.

It employs a combination of techniques such as protocol analysis, pattern matching, statistical analysis, and traffic anomaly monitoring to perform deep inspection of network intrusion behaviors across Layers 2 to 7, accurately identifying over 10,000 types of network attacks.

Additionally, the system records and retains detailed attack event information and incorporates robust anti-evasion capabilities to detect and thwart evasion-based attacks at their root.

Applications
Bypass Deployment Scenario:

In today's complex and dynamic network environments, enterprises require both targeted monitoring for critical areas and comprehensive visibility across the entire internal network. TopSentry can be deployed in bypass mode at key points such as network perimeters and in front of critical servers. This provides continuous oversight of vital information assets and the overall network security posture without impacting network performance.

Problems solved:
  • Enhances overall network security defense by effectively detecting a wide range of attacks, including emerging threats.
  • Addresses the shortage of professional security analysis expertise among IT operations staff.
  • Meets compliance and audit requirements from national and industry regulatory bodies.
  • Assists in security incident forensics and post-incident investigation.
Value to Customers
Professional Attack Detection Engine

Provides real-time detection of intrusion attacks and policy violations across Layers 2 to 7, with timely alerts to administrators via email, SMS, and syslog to facilitate rapid response.

Full IPv4/IPv6 Protocol Stack Support

Detects and identifies attacks in both IPv4 and IPv6 environments, effectively adapting to the growing adoption of IPv6.

Diverse Compliance Fulfillment

Helps customers meet requirements for Multi-Level Protection Scheme (MLPS), classified protection, and relevant industry regulations, strengthening their compliance posture.

Fine-Grained Metadata Extraction

Comprehensive traffic auditing captures detailed metadata from all network communications, providing a multi-dimensional, robust foundation for thorough security situational awareness and analysis.

Rich Security Log Visualization

Multi-dimensional statistical analysis of security events offers an intuitive understanding of complex threat landscapes within network information systems.

Flexible Device Integration Capabilities

Supports integration with firewalls, advanced threat detection systems (e.g., sandboxes), and centralized management platforms, enabling a coordinated, all-round security defense.

Specification
Model                 TS-4532A-E              TS-64428-E
Form Factor           1U                      1U
Fixed I/O Ports       8xGE, 4xSFP             8xGE, 4xSFP
USB Ports             2                       2
Power Specification   150W, Dual AC           150W, Dual AC
Power Supply          AC 100-240V, 50/60 Hz   AC 100-240V, 50/60 Hz
Storage               4TB                     4TB
RAM                   32G                     32G
Throughput            8Gbps                   10Gbps
IPS Throughput        3Gbps                   4Gbps
Concurrent Sessions   1,000,000               2,000,000