Trapnet | AMGINE

Trapnet

Integrated Honeynet Appliance Technology

Honeynet technology that spies out the purpose of an intrusion and
induces actual attacks so that hacking attempts can be analyzed.

Specialties of Trapnet

Enticing

Creates a realistic environment that guides attackers into penetrating systems with weak information protection

Collection & Analysis

Detects and analyzes actual threats using protocol-specific intrusion detection and extraction, together with DPI-based log collection

Visualization

Intuitive interface to help you identify significant trends in large attack logs

Management

Simplifies virtual server management, which reduces the operational burden of the honeynet and provides an expandable structure, for example in bandwidth

Expected benefits of Trapnet

  • Raises the cost to the attacker through a corresponding response at the spying level
  • Visibility into domestic active vulnerability scanning and hacking attempts
  • Supports legal response by acquiring evidence of infringement
  • Ability to establish countermeasures against critical vulnerabilities by detecting attackers' spying and hacking trends
  • A response priority guide based on identification of key vulnerable sections and on breach types and trends

When Trapnet can help

  • If you need a basis for tracking and legal response, based on spyware analysis and evidence acquisition.
  • If you need guidance on generating a list of infringing IPs and key response guidelines for proactive threats.
  • If you need to respond to antivirus- and sandbox-based detection failures.
  • If you need a service that detects the risk of a second infringement after an infringement incident.
  • If you need to operate an environment with weak information protection, or an APT alarm service.

Main features of Trapnet

Unified virtual server management

  • Administrative support, such as domain registration, modification, and deletion, for the virtual server groups that induce infringing traffic into the honeynet
  • Simplified management of virtual information gathering equipment
  • Simplified management of available network resources and domains
  • Virtual server and service (port) management for virtual honeynet infringement history

Detecting infringing traffic through network data collection and analysis

  • Storage and download of individual sessions in PCAP format
  • User-assigned policies for key protocol-based malicious patterns such as Heartbleed
  • Reports that calculate and classify response priorities according to infringement cycle, attack characteristics, and the scale of infringing traffic
  • Automated calculation of origin and destination country information for infringing traffic, and reports on infringing IP distribution by country, trial and ISP

Statistics and reports

  • Generates network flows and reports on infringing traffic
  • Variable flow generation environment based on user-defined arguments
    – Generated flows and analysis information are stored in a DBMS for inquiry and analysis purposes
  • Enables automatic analysis of detailed information per session
    – Automatic analysis and storage of communication history of HTTP traffic
    – Automatic analysis and storage of communication history of DNS traffic
    – Automatic analysis and storage of all other communication history