Syspeace Protection Features
Automatic hacking attacks
Brute force attacks
Ransomware, malware andr viruses visa brute force attacks
The Syspeace system is a Host-based Intrusion Detection and Prevention System (HIDPS). Simply meaning that it reasons about the pattern of failed login attempts and sequentially blocks the attacker once it can discern the attack from a legitimate user logging in incorrectly.
These patterns are readily customizable by configuring Syspeace’s “rules”. Syspeace works straight out of the box, but you can customize it to suit your organization’s specific needs.
Customize Syspeace To Make It The Best IT Security Tool For You
Rules let you configure how certain accounts, domains or login method might change the requirements for Syspeace to notice an attacker, or raise the lockout period. For example, you might set a much lower tolerance for invalid logins on domains that are not on your own Windows domain. Responsive rules ensure block changes take effect immediately – including reshaping existing blocks and adding blocks retroactively.
You further customise it through local whitelisting and local, and global, blacklisting of certain IP addresses. Syspeace now also supports geo-blocking, stopping any login attempt from a specific region.
Syspeace’s Settings Allow You ToConfigure your own local whitelist.
Configure your own local blacklist.
Use our Global Blacklist.
Geo-block specific countries.
Responsive rules with retroactive reshaping of blocks.
Search the log of detected login/intrusion attempts.
Receive email when a block is performed.
Receive daily and/or weekly mail with aggregated intrusion information both as plain text and attached CSV file.
Syspeace’s Remote Status Allow You ToManage and view all your servers from one place
Where Syspeace Can Protect YouRemote Desktop Services (RDP)
Exchange Servers SMTO mail accounts
Outlook Web Access (OWA)
As well as other programs using Windows authentication:Login attempts on Exchange SMTP connectors.
Login attempts to Microsoft SQL Server.
Login attempts to your website using the optional Web Detector plugin (requires matching detector in web site).
Read more about Syspeace’s features below.
Homeland Protection With
We’ve commonly seen blocks coming from countries which have no business in entering servers in the host country. Several of our customers work globally, but many do not, and regardless of this, it does not mean that serving a customer from that country means that they should be able to, say, trigger a Windows login attempt on this server.
You set up Country rules, describing which countries you don’t want to allow access from and Syspeace will keep track of this for you, blocking any login attempt from those regions immediately.
Known attacks coming from Russia? Block Russia permanently.
Travelling employee? Unblock regions temporarily.
The software is configurable to suit your specific needs.
Throughout the years our software has gathered important intel. This network has enabled us to create an extensive Global Blacklist of IP addresses which tend to do harm.
Each time a computer blocks an external IP address, the block is registered in the Syspeace central database. We scan this database a number of times each day looking for patterns. When a blocked address is seen repeatedly at a number of our customers, Syspeace identifies the intruder as a widespread threat then adds the IP number of the attacker to the Global Blacklist. Thereafter, distributed to all Syspeace clients, so that all customers can benefit from preemptive blocking of known intruders.
Intrusion detection and intrusion prevention is the key.
Therefore, Syspeace can pre-emptively block attackers based on failed attempts that have been blocked at other participating Syspeace installations worldwide through our Global Blacklist.
Local Whitelist and Blacklist
With the local whitelist, you can exclude certain IP addresses or ranges from being considered attacks; great for making sure that trusted users on internal networks never run into problems or to temporarily give a badly configured server the benefit of the doubt.
With the local blacklist, you can manually add IP addresses that you want Syspeace to treat as attackers.
Control and Statistics
Syspeace provides tools to compare and keep track of the information kept on the attackers. Using these tools you can discern internal threats from external threats. You can also collect statistics about when the attacks take place, see whether an IP address has been used to log in successfully, see from which IP addresses a user tends to log in or just browse the raw information kept about login attempts.
Additionally, with our e-mail report, you can be alerted via email whenever one of a few important events happen, such as when an attacker is blocked, the block expires, rules are modified, the license status changes, the Global Blacklist changes or the service is stopped or started. Building on this, reports are available to summarize attacks and blocking activity during daily and/or weekly.
The Syspeace Architecture is built upon a layer of secure communication.
All information between different components within an account is encrypted using certificates where the customer is the only one holding the key. All communication with the central backend (for licensing, global block list etc) is also encrypted using TLS.
Having a multitude of servers can be overwhelming to maintain. Syspeace offers a Remote Status Console where the status of all your servers can be seen and simple tasks can be performed. Syspeace is the only solution on the market that actually lets you combine a locally installed console to see all of your servers that does not depend on all of them sitting on the same network in line-of-sight.
Quickly Raise Your Shields
Syspeace has Responsive Rules with Retroactive Reshaping – This allows you to quickly raise your shields and mitigate an attack when you face yourself under pressure from an attacker. When you change a rule, previous blocks are adapted to the new rule parameters like block duration, including creating blocks that do not currently exist but would have existed if the new parameters had been in place previously. Syspeace is the only solution in the market that gives you this unique feature.