MDS: Detects and analyzes traffic anomalies
- Inspects and analyzes various Internet service protocols (HTTP, SMTP, SMB/CIFS, and FTP)
- Monitors two-way traffic for inbound and outbound file transmission (IPv4/IPv6)
- Detects and quarantines malicious emails and attached files (available when MTA license is applied)
MDS Manager: Centrally monitors and manages logs from MDS appliances as well as MDS agents
- Provides threat status and events information on dashboard
- Displays the detected malware and traffic anomalies
- Provides detailed logs on event type, IP address and behaviors on file, process, registry, and network
- Integrates and manages events and logs detected by MDS appliances deployed on network segment, email segment, network shared folder segment, etc.
MDS Agent: Collects and responds to suspicious files in endpoints
- Extracts suspicious files from host systems (machine-learning technology adopted)
- Responds to suspected infected host systems including malware removal, system isolation, etc.
- Detects abnormal processes and conducts Execution Holding on suspicious files
Cyber Kill Chain-based Response
- The latest cyber threats originate from outside networks and exploit known vulnerabilities. It has also become more difficult to identify such malware. AhnLab MDS proactively detects and responds to threats at each stage of the advanced threat lifecycle.
Holistic Response on Both Networks and Endpoints
AhnLab MDS provides a comprehensive approach to combating advanced threats across networks and endpoints. This advanced security system protects endpoints and networks within a single architectural framework and in an integrated management environment.
- Provides an advanced hybrid approach with assembly-level analysis—a hybrid technology of static analysis and dynamic analysis—to detect exploitation
- Blocks harmful URLs and outbound traffic to Internet Relay Chat (IRC) and Command & Control (C&C) servers
- Prevents the execution of suspicious files that attempt to run on endpoints and blocks or permits the execution depending on the analysis result
- Combats email-based threats that use spear phishing tactics and evade anti-spam filters
Reduced Burdens of Security Operation and Cost
AhnLab MDS also eases the burden of security operation and offers long-term value for your organization through a low total cost of ownership and exceptionally rapid return on investment (ROI).
- Combines on-premise malware behavior and signature engine with AhnLab’s cloud-based analysis resources to stop zero-day threats, remediates infected systems, and provides ongoing intelligence that benefits all AhnLab customers
- Automatic and manual malware removal and precise checks on abnormal network activity without affecting normal business operations