NSFOCUS Threat Analysis System (TAS)
NSFOCUS Threat Analysis (TA) identifies known and unknown malware, including zero-day threats entering the enterprise network via web pages, emails, or other file sharing methods. NSFOCUS TA uses several detection engines to identify known and zero-day threats, including an IP reputation engine, anti-virus engine, static analysis engine, and virtual sandbox execution. NSFOCUS TA can optionally be added to the NSFOCUS Next-Gen IPS to provide sandboxing capabilities.
Advanced Persistent Threat Protection
NSFOCUS TA provides virtual sandboxing capabilities capable of detecting, analyzing, and mitigating known, zero-day, and advanced persistent threats (APTs). The TA appliance monitors CPU, network activity, memory utilization, and system driver behavior in a virtual environment. It enables organizations to identify malicious activity and harmful executables before they reach critical servers and desktops.
Accurate Threat Detection
NSFOCUS TA utilizes a multi-stage detection engine to identify malicious activity. This approach combines signature detection, heuristic analysis, threat intelligence and virtual execution techniques to protect any network against today’s cyber threats.
The functionality of the NSFOCUS TA are highlighted in the diagram below. The various engines, detection techniques, malware databases, and reputation detection capabilities work in unison to address known and unknown threats. Easy-to-use statistics and trend reports, behavioral analysis reports, and comprehensive analysis services are also available.
Flexible configuration interface
Comprehensive object library
Custom service and policy definition
Statistics based on the attack chain
Multiple views for threat information: locations, users, and assets
Simplified Threat Management
Top 5 high-level threats
Latest threat events
24-hour threat trends
Daily, weekly, monthly, or annual reporting options
Multi-Protocol, Application, Code, and OS Support
NSFOCUS TA has broad protocol support, supports multiple file types, performs extensive static code analysis and virtual OS support.
Integrated Threat Intelligence
The most dangerous known threats are the ones that can’t be seen or detected until it is too late. The NSFOCUS Threat Analysis integrates global threat intelligence from the NSFOCUS Threat Intelligence Subscription Service to provide up-to-date protection from botnets, malicious sites, viruses and other discovered exploits.
Multiple Form Factors
The NSFOCUS TA is cost and performance optimized to meet the needs of any size organization.