Trapnet | AMGINE


Integrated Honeynet Appliance Technology

Honeynet technology to spy out the purpose of intrusion and
analyze inducement of actual attacks with relation to hacking attempt.

Expectation effectiveness of Trapnet

  • Increasing the cost toward attacker through corresponding response at spy level
  • Visibility into domestic active vulnerability scanning and hacking attempts
  • Providing legal response and evidence through acquisition of evidence for infringement
  • Ability to establish countermeasures against critical vulnerabilities through attacker’s detection of spying and hacking trends
  • Based on information on key vulnerable section identification and breach types, trends, and response priority guide

When to get help with Trapnet

  • If you need a basis to respond to tracking / legislation based on spyware analysis and evidence acquisition.
  • If you need guidance on generating a list of infringing IPs and key response guidelines for proactive threats.
  • If you need to respond to vaccine- and sandbox-based detection failures.
  • If a detection service for the risk of second infringement is required after an infringement incident.
  • If you need to operate an environment that is vulnerable to information protection or an APT alarm service.

What is main features of Trapnet

Unified virtual server management

  • Administrative support such as domain registration / modification / deletion of virtual server group for inducing honeynet infringement traffic
  • Simplified management of virtual information gathering equipment
  • Simplified management of available network resources and domains
  • Virtual server and service (port) management for virtual honeynet infringement history

Detecting infringing traffic through network data collection and analysis

  • Support for individual sessions, PCAP format storage and download
  • User policy assignment of key protocol-based malicious patterns such as HeartBleed
  • Report on the calculation and classification of response priorities according to infringement cycle, attack characteristics, characteristics of infringing traffic scale
  • Automated calculation of origin and destination country information of infringing traffic and infringement IP distribution report by country, trial and ISP

Statistics and reports

  • Generate network flows and report on infringing traffic
  • Variable flow generation environment based on user-defined arguments
    – DBMS storage base of generation flow and analysis information for inquiry and analysis purposes
  • Enables automatic analysis of detailed information per session
    – Automatic analysis and storage of communication history of HTTP traffic
    – Automatic analysis and storage of communication history of DNS traffic
    – Automatic analysis and storage of all other communication history