Disclosure of personal information

Threats to the internal network

Leaking corporate information

Increasing the cost of enterprise network operation and maintenance

The system starts traffic statistics.

System related configuration application, fingerprint learning.

The system starts attack prevention.

The system performs preventive actions.

The files obtained by users from website A and website B will be sent to the inspection node for inspection.

When a user visits website B, although the firewall will extract the file and send it to the detection node, the user can still access normally during the detection process

Site B.

After the detection node detects the suspicious file, it not only informs the firewall in the figure of the result, but also informs other network devices connected to it.

Assuming that website A is an unknown website, the administrator cannot detect the traffic file of this website sC

After the file decompression fails, the file will still be filtered. .

The application identification module can identify the type of application that carries the file.

Protocol decoding is responsible for analyzing the file data and file transmission direction in the data stream.

The file type recognition module is responsible for identifying the true type of the file and the file extension based on the file data

SACG and IP address 2.1.1.1 server linkage is not successful

SACG linkage success with controller.

master controller IP address is 1.1.1.2.

master controller IP address is 2.1.1.1.

Hacking

Weak personal safety awareness

Open company confidential files

Failure to update the virus database in time

Not self-replicating but parasitic

Trojans self-replicate and spread

Actively infectious

The ultimate intention is to steal information and implement remote monitoring