Configuring the Agent's Settings
analyzes network packets and compares them with both known attacks and known patterns of attack, and then blocks those attacks. One of the key capabilities of the Intrusion Prevention System is its capability to do deep packet Inspection. By default, this option is enabled on the Agent.
Enable port scan detection
Detects if someone is scanning your ports, and notifies you. Port scanning is a popular method that hackers use to determine which of your device’s ports are open to communication. Ports are dynamically blocked by the Agent and are therefore protected from hacking attempts.
If disabled, the Agent does not detect scans or notify you of them, but still protects your ports from hacking attempts. By default, this option is enabled on the Agent.
Enable driver level protection
Blocks protocol drivers from accessing the network unless the user gives permission. If a protocol driver attempts to access the network, you will see a
Enable stealth mode browsing
Stealth mode describes a computer that is hidden from web servers while on a network. A computer on the Internet, for instance, if in stealth mode, cannot be detected by port scans or communication attempts, such as ping. By default, this option is disabled on the Agent.
Enable DoS detection
Causes the Agent to check incoming traffic for known Denial of Service (DoS) attack patterns. DoS attacks are characterized by an explicit attempt by an intruder to prevent legitimate users of a service from using that service. By default, this option is enabled on the Agent.
Block Universal Plug and Play Traffic
Causes the Agent to look for and block UPnP traffic to counter the vulnerabilities that are introduced by this operating system feature: The first vulnerability could enable an attacker to gain complete control over an affected system, while the second vulnerability could enable an attacker to either prevent an affected system from providing useful service or utilize multiple users’ systems in a distributed denial of service attack against a single target. Users can disable this feature when using applications that require the UPnP protocol to operate. By default, this option is enabled in the Agent.
43