ReputationWatch™ Delivers Real-Time, Automated, Intelligence-based Protection
ReputationWatch™, the newest Corero offering, identifies in real time known malicious entities and blocks access to “bad” IP addresses on-the-fly based on reputation or geographic origin to dynamically stop DDoS attacks and other malicious activity.
ReputationWatch is a key step towards enhancing Corero’s extensible platform, to provide a first line of defense to:
- Identify and block access from botnets and known sources of DDoS and other attacks
- Protect IT infrastructure
- Reduce false positives
- Eliminate costly downtime.
By adding this functionality to the Corero arsenal, businesses can continue to meet the threat head-on with the knowledge that their network will be automatically updated and configured against the latest malicious threats, saving time and money.
The Threat: Changing Faces of Internet Attackers
The Internet threat landscape is in a constant state of flux. New, malicious attack sources are created, PCs are hijacked into botnet armies and websites are compromised. IP addresses go from good to bad and back to good in minutes. Organizations cannot possibly maintain up-to-date security configurations manually as these attack sources change dynamically.
As a result, even the most effective network security solutions have to wait until the cyber attackers are banging on the gates to inspect, detect and mitigate malicious traffic.
ReputationWatch Stays Ahead of Cyber Criminals, Protects Your Organization
Corero’s ReputationWatch service solves this. It continuously assesses global intelligence across the Internet to determine the current threat status of malicious IP addresses, and is configured to automatically block malicious sources in response to these updates, saving time and money. Because it is continuously updating its information, ReputationWatch can unblock a “bad” IP when and if it is restored to good standing.
Using up-to-the minute, IP-based information, ReputationWatch automatically identifies and blocks access from:
- Known sources that have participated in DDoS attacks
- Bots that fall within identified botnet command structures
- Systems delivering specially crafted denial-of-service exploits, such as KillApache
- Anonymized IP address behind proxies
- Identified sources of malicious content attacks
- Phishing sites
- Spam sources
Control Traffic Country by Country with Geolocation
With ReputationWatch, organizations can block countries with which they do not transact business. With Corero’s geolocation functionality, IT administrators can now limit or even deny traffic. They can choose to block or set rate limits on all traffic from a nation associated with a large number of attacks reputation, setting exceptions for IP addresses with which they have legitimate business.
By continuously determining the current state of IP addresses and enabling geolocation-based policy enforcement, ReputationWatch minimizes an organization’s threat risk, reduces false positives and protects the business, reducing costly downtime by ensuring that an organization’s network and critical servers are available 24/7.