Intrusion Detection System

The system monitors network traffic in bypass mode and accurately detects, and audits in detail, vulnerability attacks, DDoS attacks, virus propagation, and other risks and hidden dangers on the network.

Intrusion Detection System Overview

Topsec Intrusion Detection System (TopSentry) integrates ten functions for all-round, in-depth detection of network threats: attack detection, web security detection, DDoS detection, weak password detection, brute force detection, zombie detection, illegal outreach detection, malicious program detection, APT detection, and threat intelligence. TopSentry has six libraries: the attack detection rule library, application identification library, geographic information library, zombie rule library, threat intelligence library, and URL classification library. These libraries are professional, authoritative, rich, and multi-dimensional, making the product more accurate and rapid in threat detection. In the current complex network attack environment, TopSentry provides comprehensive and deep threat detection capabilities to continuously combat the security threats that keep emerging.

Advantages
Precise positioning of zombies

TopSentry supports zombie behavior detection of botnets, Trojan horse control, worms, mining, extortion, mobile Trojan horse control, and APT, and supports detection of illegal server outreach and covert tunnel communication. TopSentry's rich, multi-dimensional detection methods, combined with detailed and comprehensive log records, can effectively avoid the harm caused by zombies.

Smooth upgrade and seamless full inspection

TopSentry has an authoritative attack rule library, which is updated weekly. In case of emergencies, the rule library can be upgraded so that security incidents are detected as soon as possible. Detection under the configured security policies continues without interruption during a rule library upgrade, so as to achieve "smooth upgrade and seamless detection".

Threat intelligence, independent and reliable

TopSentry embeds the threat intelligence library locally, so it can provide threat intelligence capability independently, without linkage to a third-party threat intelligence platform. The intelligence is abundant and covers various types, such as malicious IP addresses, URLs, domain names, and files. TopSentry's professional team continuously mines, researches, and tracks the latest intelligence to ensure reliable sources of threat intelligence.

Attack detection, comprehensive and accurate

TopSentry has all-round and in-depth attack detection capabilities, and can accurately detect various network attacks, including overflow attacks, code execution, injection attacks, XSS attacks, industrial control vulnerability attacks, and IoT vulnerability attacks. TopSentry also has anti-evasion detection capability, which can detect evasion behavior at the root.

Application
Bypass Deployment

In a complex and volatile network environment, enterprises need not only monitoring of key areas, but also comprehensive monitoring of the entire internal network. TopSentry can be deployed at the entrance and exit of the enterprise network and at key servers, so that the enterprise stays informed about its important information assets and the overall security status of the network.

Issues Resolved
  • Enhances overall protection of cyber security and effectively detects various kinds of network attacks, including new types of attacks.
  • Resolves the issue of insufficient professional security analysis capabilities of O&M personnel.
  • Meets compliance security inspection requirements from national and industry regulators.
  • Helps customers with security incident evidence collection and post-incident traceability.
Value to Customers
Professional attack detection engine

The system monitors various intrusion attacks and violations at L2 to L7 in real time, and can promptly notify the administrator by several means, such as email and voice, so that further protective measures can be taken.

Complete IPv4/IPv6 protocol stack

The system supports both IPv4 and IPv6 and identifies attacks carried in IPv4/IPv6 packets, effectively adapting to the growing adoption of IPv6 on today's networks.

Diverse compliance guarantee

The system helps customers meet the requirements of classified protection, hierarchical protection, and related industry regulations, and enhances their compliance capabilities.

Fine-grained metadata extraction

The system has a comprehensive traffic audit function that records the metadata of various network communications in detail, providing a powerful multi-dimensional basis for comprehensive security SWOT analysis.

Rich security log display

The system performs multi-dimensional statistical analysis of security incidents, giving an intuitive view of the complex threat landscape in the network information system.

Flexible device linkage capabilities

The system provides firewall linkage, advanced threat detection system (all-around sandbox) linkage, and centralized management linkage functions to protect customers' cyber security in all aspects.