Corero Network Security Launches ReputationWatch™ for Real-Time IP Address Blocking of DDoS Attacks

Dynamic Analysis of Malicious IP Addresses Provides First Line of Defense for Businesses in Malaysia

MALAYSIA 11 September, 2012– Corero Network Security, the first line of defense for organizations with its DDoS Defense and Intrusion Prevention Systems (IPS), today announced that it is extending its capabilities with the launch of ReputationWatch. ReputationWatch will identify in real-time known malicious entities and block access to ‘bad’ IP addresses ‘on-the-fly’ based on reputation or geographical origin, to dynamically prevent DDoS attacks and other attack activity.

ReputationWatch will provide local businesses with contextual awareness by automatically changing network configurations to block malicious IP addresses in response to the latest intelligence. By monitoring for constantly changing IP addresses, bots that fall within the recognized botnet command structures and those that have historically participated in malicious content attacks, it will prevent network access, reduce the number of false positive alerts and eliminate costly downtime by ensuring the network is always up. The dynamic analysis capability also means that the IP address is subsequently unblocked when it is no longer a source of attack. 

In addition to stopping attacks from malicious IP addresses, ReputationWatch will feature geolocation technology that will enable local organizations to proactively enforce security policies based on the national origin of IP addresses. IT administrators will be given the control to set access policies for each nation, allowing the business itself to deny or control the rate of traffic from countries with which they do not do business, or countries associated with high numbers of attacks. It will also be possible to set exceptions for those IP addresses in high risk countries with which the organization does do legitimate business.

“The launch of ReputationWatch is another key step towards enhancing Corero’s extensible platform to provide a first line of defense to combat threats, protecting IT infrastructure and eliminating costly downtime,” said Eryin Halmen, Regional Manager of Corero Network Security, South East Asia. “By adding this extra functionality to the DDoS arsenal, businesses can continue to attack the threat head on with the knowledge that their network will be automatically updated and configured against the latest malicious threats, saving both time and money for the organization.”

ReputationWatch solves the problem of manually maintaining security configurations with automated, threat intelligence feeds. It provides dynamic real-time configuration changes in response to the latest intelligence so that organizations are defended from all types of attacks, including:

·         Known sources of DDoS

·         Bots that fall within identified botnet command structures

·         Systems delivering specially crafted denial-of-service exploits, such as KillApache

·         Identified sources of malicious content attacks

·         Phishing sites

·         Spam sources