Infected LAN

Infected LAN

 

INFECTED

 

LAN

 

The Network Box Infected LAN engine helps pinpoint infected workstations, servers, and connected smart devices in the LAN/DMZ areas of your network, to be quarantined.

 

While other engines (such as anti-malware and content filtering) can detect access to malicious content, the Infected LAN engine scans outbound traffic to identify botnet access from your network.

 

 

To stay up-to-date, the Infected LAN engine subscribes to a PUSH updated signature set of several thousand malicious URLs and IP addresses used by known botnet command and control centres. Currently, Network Box provides support for:

 

  • cryptowall
  • feodo
  • locky
  • palevo
  • teslacrypt
  • torlock
  • zeus
  • and other common botnets

 

 

 

Key Features

Blacklisting of infected systems

Identification and dynamic blacklisting of infected systems.

Detection of botnet access

Detection of outbound access to known BotNet and malware sites.

Highly granular detection

Highly-granular detection for highly-prolific malware (such as Palevo, Conficker, Zeus, etc).