Service Overview
IPS(Intrusion Prevention System) continuously updates IPS intrusion detection policies reflecting the latest security threats to respond in real time. Additionally, it detects up to the application layer through packet monitoring.
Features
- Latest Attack Type Detection: Generate detection patterns for new threats, and improve detection rate through continuous signature management. Apply the TI DB of security specialist companies and self-developed advanced detection policies, and provide services by correlational analysis of the relationship between attack patterns detected by IPS and patterns set in SIEM (Security Information and Event Management).
- Cloud Optimized Operations: We provide detection services optimized for cloud environments. When a security threat occurs, we respond quickly through security professionals.
- Efficient response and support: Monthly reports are provided to check the details of the event.
Configuration diagram
The public IPS service does not provide monitoring (Security Center).
Provided Features
We provide the following features.
- Intrusion Detection and Analysis
- In-depth analysis through raw data
- New threat detection pattern update reflecting external trend information
- Periodic detection pattern optimization
- Monitoring Information Provision
- Monthly report provision
- Intrusion response
- Provide IP information of attack attempts on SCP client servers
Components
- IPS provides services based on public IP configured within the VPC.
- We provide services targeting servers that can be accessed via the Internet, and when a user requests a service, we refer to the server (Virtual Server) specifications listed in the service application form.
Constraints
IPS provides detection based on traffic that is not encrypted with HTTP. It does not provide monitoring for traffic encrypted with HTTS SSL.
The public IPS service does not provide monitoring (Security Center).
Provision status by region
IPS can be provided in the environment below.
| Region | Normal (Enter) | Public |
|---|---|---|
| Korea West (kr-west1) | Provided | Not provided |
| Korea East (kr-east1) | Not provided | Not provided |
| Korea South 1 (kr-south1) | Not provided | Provided |
| South Korea South 2(kr-south2) | Not provided | Provided |
| South Korea South3 (kr-south3) | Not provided | Provided |
Table. IPS Region-wise Provision Status
Preceding Service
- This is a list of services that must be pre-configured before creating the IPS service. For details, refer to the guide provided for each service and prepare in advance.
- When creating a VPC’s Internet Gateway, you must select SIGW (Secure Internet Gateway) in the category to be able to use IPS.
Caution
- When creating a VPC’s Internet Gateway, if you select Internet Gateway in the ‘Category’, you cannot use the IPS service.
- If you change to Secure Internet Gateway, you need to change the public IP you are using.
| Service Category | Service | Detailed Description |
|---|---|---|
| Networking | VPC | A service that provides an independent virtual network in a cloud environment |
Table. IPS Pre-service