Neural-X’ Threat Intelligence
is compilation of vast amounts of organized, analyzed and refined data
that enables organizations to understand the most common and severe
known & unknown risks as well as external threats. All of Sangfor’s many
security products can be connected to the Neural-X TI platform providing
up-to-date reputation services enabling more informed decision making. Here are some applications:
If Sangfor NGAF
detects an unusual outbound connection on a server connected to the
internet, it sends the suspicious DNS address to Neural-X for
verification. If threat intelligence has classified this particular DNS
as a known C&C server, it’s likely the server has been compromised. NGAF
can be programmed to block these C&C communications so no further damage
can be caused and to also send alerts to firewall operators for further
investigation and processing.
Similarly, if Sangfor IAM detects a
web browsing request from a protected user with destination URL
connected to a web server that is known to have been hijacked, IAM can
block the outbound connection, preventing the user from unknowingly
Real-time Monitor of Threat Intelligence
• Over 20,000 connected network gateways
provide IOC that includes malicious URL, IP, domain names and malware
hashes with the number of participating gateways doubling every year.
• Third party threat intelligence feed.
• Sangfor security R&D into
both white hat and black hat communities.