Configuring the Agent's Settings
analyzes network packets and compares them with both known attacks and known patterns
of attack, and then blocks those attacks. One of the key capabilities of the Intrusion
Prevention System is its capability to do deep packet Inspection. By default, this option is
enabled on the Agent.
Enable port scan detection
Detects if someone is scanning your ports, and notifies you. Port scanning is a popular
method that hackers use to determine which of your device’s ports are open to
communication. Ports are dynamically blocked by the Agent and are therefore protected
from hacking attempts.
If disabled, the Agent does not detect scans or notify you of them, but still protects your
ports from hacking attempts. By default, this option is enabled on the Agent.
Enable driver level protection
Blocks protocol drivers from accessing the network unless the user gives permission. If a
protocol driver attempts to access the network, you will see a pop-up message asking if you
want to allow it. By default, this option is already enabled on the Agent.
Enable stealth mode browsing
Stealth mode
describes a computer that is hidden from web servers while on a network. A
computer on the Internet, for instance, if in stealth mode, cannot be detected by port scans
or communication attempts, such as
ping
. By default, this option is disabled on the Agent.
Enable DoS detection
Causes the Agent to check incoming traffic for known Denial of Service (DoS) attack
patterns. DoS attacks are characterized by an explicit attempt by an intruder to prevent
legitimate users of a service from using that service. By default, this option is enabled on the
Agent.
Block Universal Plug and Play Traffic
Causes the Agent to look for and block UPnP traffic to counter the vulnerabilities that are
introduced by this operating system feature: The first vulnerability could enable an attacker
to gain complete control over an affected system, while the second vulnerability could enable
an attacker to either prevent an affected system from providing useful service or utilize
multiple users’ systems in a distributed denial of service attack against a single target. Users
can disable this feature when using applications that require the UPnP protocol to operate.
By default, this option is enabled in the Agent.
43