Intrusion Prevention System

Quantasoft Hosting (QSH) shared hosting environment and hosting services are protected with dedicated CISCO hardware firewall appliance with Intrusion Prevention System modul.

Intrusion prevention systems (IPS): is network security appliance that monitor our hosting network environment. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity and attempt to block it.

Signature-Based Detection: This method of detection utilizes signatures, which are attack patterns that are preconfigured and predetermined. A signature-based intrusion prevention system monitors the network traffic for matches to these signatures. Once a match is found the intrusion prevention system takes the appropriate action. Signatures can be exploit-based or vulnerability-based. Exploit-based signatures analyze patterns appearing in exploits being protected against, while vulnerability-based signatures analyze vulnerabilities in a program, its execution, and conditions needed to exploit said vulnerability.

Statistical anomaly-based detection: This method of detection baselines performance of average network traffic conditions. After a baseline is created, the system intermittently samples network traffic, using statistical analysis to compare the sample to the set baseline. If the activity is outside the baseline parameters, the intrusion prevention system takes the appropriate action. The particular intrusion in this case monitors users and network behaviors.