Complete Server Protection Features
Syspeace's server protection is an anti-hacking software, for brute force attacks specifically. Syspeace can detect and protect you from:
The Syspeace system is a Host-based Intrusion Detection and Prevention System (HIDPS). This simply means that it reasons about the pattern of failed login attempts and sequentially blocks the attacker once it can discern the attack from a legitimate user logging in incorrectly.
Protecting against intrusion attempts and brute force attacks also protects against consequences like ransomware, malware, and viruses.
Below you'll find an overview of all Server IPS features.
Syspeace Overview
We provide an actual multi-purpose management console that you can run on almost any modern Windows computer.
With this console, you will manage all your Syspeace installations as swiftly for a single account as for multiple accounts.
The console does not require line-of-sight to the services. Both the services and console must be able to connect to the Internet.
Having the possibility to manage your services wherever you are is a great advantage.
No extra components are required to install to gain full connectivity between all your consoles and your services.
We have built a layer of distributed, redundant relays that manages communication between nodes.
This means that you do not need to host any own webservers or databases or make holes in your firewall to allow for communication.
Using multiple consoles simultaneously is a design feature we are incredibly proud of.
Changes to service settings made in a console are propagated in real-time to other consoles. This allows multiple people to work simultaneously without corrupting settings or data.
Having staff be able to run their own console without being afraid of data corruption or missed settings is a huge advantage and a time saver.
Update all your services remotely by using the update feature in the console application.
This is a handy feature that minimizes maintenance when you manage several services.
Your applications should be able to utilize the capacity of your servers to the fullest.
Therefore, we have been working hard to reduce the memory footprint and CPU usage of Syspeace.
Syspeace is built for ease of use and to fit small and medium size businesses. It is easy to install, set up, and use.
Syspeace will protect your servers from brute force attacks with many functions that are unique in this space.
The modular design of the Syspeace infrastructure makes the product ideal for larger companies, MSPs, or enterprises.
Thanks to the high focus on automation and lights-out installation and updates, the maintenance time is low, and there is a minimal risk of manual errors.
Syspeace is easy to install on a scale using automation and commonly available tools and services.
Allocate support staff to access only a subset of your servers to allow for granular security.
Syspeace is compatible with both IPv4 and IPv6 networks.
Security by Design
Keeping information secure and limited only to those who use it is critical for our customers and our company.
Cyber security comes in many forms. One of the cornerstones for Syspeace's architecture is "security by design".
This ensures that all data are kept private and secure.
All communication between the console and services is encrypted using TLS.
No one but yourself can decode and interpret the data sent between the console and services within your account.
Only the customer holds the private keys used for encryption between the console and the services.
Console to service communication through Syspeace Relay is encrypted with unique, per-tunnel ephemeral keys negotiated through a Diffie-Hellman key exchange.
All components, consoles, and services, issue their own certificate with a unique private and public key.
The public key is then sent to other components within the same account, making it possible for them to cryptographically verify the integrity of your messages.
The implementation of PKI makes it impossible to inject fraudulent information from unauthorized sources.
You, as a customer, are the sole proprietor of your certificates and private keys.
No one but yourself can encode, decode and interpret the data sent between the consoles and services you use.
The private key never leaves your computer.
We store management and license information on our central servers for billing purposes. Our Global Blocklist, which we distribute freely, is built from block information our customers send to us.
All communication between our central storage and customers is secured by TLS and encrypted using PKI.
Principle of Least Privilege is important in any application to ensure safe and secure operations.
Create and maintain multiple user accounts for your support staff to separate responsibilities and manage security on multiple services within a Syspeace account.
License Details
Enjoy the user experience on our Syspeace license web.
This is where you swiftly manage the licenses for Syspeace, both your own and your customers.
Built to maximize your choice, the license console is an invaluable tool for managing your usage of Syspeace.
Get an excellent graphical overview of all your usage of licenses to follow up on your installations.
A good overview is the source of understanding your usage over time.
With a goal of zero maintenance, all our licenses are floating.
The services automatically pick up a free license from your license pool in the background. Whenever you buy a license in the Syspeace license web, that license is added to your pool.
No more hassles with separate license numbers for different servers.
One size really fits all!
With the dynamic license system, only pay for what you plan to use. Making a short-time license is as simple as creating one for extended usage.
Licenses can be stacked and be valid between different dates. This enables you to tailor your need over time.
Utilizing the license system to meet your needs optimizes your cost over time and cash flow.
We recommend you set up automatic recurring renewal of your licenses. The set up of recurring licenses is strictly on an opt-in basis per license.
You will never forget to renew a license, and your servers will remain protected.
Blocking Dynamics
Syspeace's blocking engine uses the Windows Filtering Platform (WFP) directly instead of Windows Firewall.
This engine is far faster and more efficient than the traditional firewall, governing the server's resources better.
It also serves those who have disabled the Windows Firewall or have other security-related products installed that govern the Windows Firewall.
Syspeace allows for creating extensive, capable and complex rules with an easy-to-use UI.
A rule can act on many different types of system information. This enables you to tailor specific events with specific circumstances in order to generate a block, giving you unmatched flexibility.
When a rule is created or changed, the built-in retrospective engine maximizes your protection by running the rule logic on historical data, adapting the need for blocks effectively.
This minimizes the time the server is open and vulnerable to known threats which enhances your level of security.
It is possible to limit what countries that can visit your servers by applying a country rule. This is often used to exclude traffic from countries where you do not have any customers from.
Hacking attempts originate from many countries. Minimize your attack area by limiting who can communicate with your servers.
Blocking an intruder is essential. However, since IP addresses change owners from time to time, it is good practice to block an IP address only for a specific time.
With Syspeace, you can block them for several years.
We do not recommend excessive blocking but rather release the block in a timely fashion to minimize the risk of blocking IP addresses that are no longer threatening.
Each time a computer blocks an external IP address, the block is registered in the Syspeace central database.
We scan this database regularly, looking for patterns.
When a blocked address is seen repeatedly at a number of our customers, Syspeace identifies the intruder as a widespread threat and then adds the IP address of the attacker to the Global Blocklist.
The Global Blocklist is then distributed to all Syspeace clients so that all customers can benefit from the preemptive blocking of known intruders.
The Global Blocklist is a great example of how we as a community gain advantages by cooperating, thereby increasing our security against hackers.
Live Status and Insights
Keep track of which IP addresses Syspeace are blocking.
You find them in an easy to read list, including the reason why they were blocked.
This is the place to go in order to find more about the login attempts made at your server.
This list consists of failed and successful logins fed through your rules and, depending on rulings, eventually end up as blocked IP addresses in Current blocks.
Understanding why something happened is often a clue to fixing a problem.
When an IP address is blocked, this is the place you find out which rule was trigged and also all the individual login tries that the rule acted on. It is also possible to find information on any IP address that have tried to login, failed or successful.
Find an easy-to-read list of both successful and unsuccessful historical login attempts.
The list can be filtered in numerous ways to drill down into the available information.
It is also possible to export the list to a readable csv-file.
Tying together accounts and login information from different IP addresses is priceless when you want a deeper understanding of what kind of threats you face.
This report generator lets you pivot and drill down into access information, giving you an even better understanding of the situation.
Enterprise Features
When you manage multiple customers that you need to keep on separate accounts, enjoy the ability to add multiple Syspeace accounts and thereby swiftly manage multiple services for multiple customers.
This is specially built for MSPs that need a high degree of separation.
Having multiple customers, groups, or divisions that you serve with Syspeace, it would be great to allocate licenses to them without the hassle of creating many separate accounts.
This is now possible using "license groups" where you can assign floating licenses to a specific group of servers.
This allows you to minimize the license and billing work, thereby saving time.
Within a Syspeace account, give your support staff individual user accounts to manage security for the servers within the Syspeace account.
Giving granular access to technical staff enables a good practice of security and keeping in line of POLP.
This feature minimizes maintenance time and cost as well as simplifies the design of separating responsibilities within a group of technical staff members.
POLP is a cornerstone. Each account has specific permissions per group of servers, per server tag or per individual server. This allows you to tailor access and rights to servers for individual accounts.
If you have servers on two continents, giving support staff in different locations access to only their own servers keeps the CISO happy.
Where Syspeace Can Protect You
As well as:
Download and try Syspeace v4
30-day free trial on one or more servers
Get hands-on experience with what Syspeace can do against your brute force attacks before ultimately deciding if Syspeace is for you!