"IPS 7.0 contains a new security capability, Cisco Global Correlation, which uses the immense security intelligence that we have amassed over the years. At regular intervals, Cisco IPS receives threat updates from the Cisco SensorBase Network, which contain detailed information about known threats on the Internet, including serial attackers, Botnet harvesters, Malware outbreaks, and dark nets. The IPS uses this information to filter out the worst attackers before they have a chance to attack critical assets. It then incorporates the global threat data in to its system to detect and prevent malicious activity even earlier."
Read the release notes to get more information.
SNORT and IPTABLES users may be familiar with a similar concept wherein you could do the lookups to various Realtime Blackhole Lists or RBLs
1 comment:
Can you list some of the RBL lookup sites?
Post a Comment