Making the invisible visible - making the insecure secure

IDS / IPS​

What to do if the attacker got behind the firewall?

No problem. Now your Intrusion Detection and Prevention System from Enginsight takes care of that.

Over 10.000+ secured systems by hidden champions, SMEs and our partners.

Enginsight is the most comprehensive and simple security solution for all sizes of companies , Made in Germany.

Making security manageable

With Enginsight you are always one step ahead

No matter from where an attack starts. Keep your cool at all times thanks to Intrusion Detection and Prevention System.

Hazard prevention

Simplify your workday by keeping an eye on your traffic. Knowabout network activity at all times and stop attackers, no matter where the threat is located.

Create transparency

Make even hidden threats visible and get all relevant informationabout the attack clearly prepared. Automate your workflows individually and let us take the work off your hands.

Acting instead of reacting

While Enginsight scans your systems for possible threatsand blocksthem for you, you can take a break. With just a few clicks you can achieve more automationand thus more time and less effort.

Let's just let our customers have their say
"As an IT administrator in a mid-sized company working on a variety of tasks, Enginsight has made my day-to-day work much easier. For example, whereas before it took me 1-2 days a week to scan for security vulnerabilities, now it's one hour."

QSil AG, quartz glass manufacturer

This is where the magic starts

Detect and block attacks

With an intrusion detection system, you scan network traffic for attacks – the intrusion prevention system then blocks them. In combination, they make the invisible visible – and the insecure secure.

Everything in view

Analysis and evaluation of the attacks

With Enginsight, you always stay up to date on the status of potential attacks. Learn where attacks originate and how far they have come.

Safety everywhere

Flexibility: Scalable and home office ready

Home office devices in particular are usually more vulnerable to attacks. With Enginsight you stay secure and benefit from hardware-independent flexibility and scalability

Proactive

View into internal network

The decentralized approach allows you to detect and block attacks not only from the outside, but also in the internal network. Even with successful infiltration, attackers cannot spread further.

Making the invisible visible - making the insecure secure
RISK MANAGEMENT MADE EASY

Detect threats even behind the firewall and stop attacks before they bring your systems to their knees. Focus on a holistic protection of your IT landscape and enrich your security measures with further precautions.

Establish an effective IT inventory and always keep track of all assets
Regularly pentest your systems and learn where other vulnerabilities are located
Stay in control and make your systems fail-safe with IT monitoring.
Keep track of all system events at all times. And all this in just one software! Put an end to dozens of individual tools.
Check your system for vulnerabilities now for 14 days free of charge.
Feature Bashing

Technical details

Would you like to know a little more? Then you are exactly right here! Find out what Enginsight does for you in detail on the subject of IDS / IPS completely automatically.

The technical basis of Enginsight’s intrusion detection and prevention system is the Pulsar agents installed on all servers and clients. The IDS/IPS is therefore host-based. This is where Enginsight differs from network-based systems where the sensor is integrated at the switch, behind the firewall or in the firewall. This means that the IDS/IPS can be scaled hardware-independently for any size of company and remains active even if a client leaves the company network, e.g. to the home office.

The decentralized approach also makes it possible to detect and block attacks from within the internal network or even within a network segment. Attempts by hackers to spread further in the network after successful infiltration can thus be effectively prevented.

  • Host-based
  • Scalable
  • Homeoffice-ready
  • Detect and block attacks from internal network

Enginsight examines the content of network traffic for a variety of suspicious activities. By targeting very basic attack types, the IDS covers all major categories of network-based attacks. This already makes it almost impossible for the attacker to spy out information, gain access or spread further into the systems unnoticed.

  • Port Scan (TCP, UDP)
  • Spoofing (ARP, DNS)
  • Bruteforce (e.g. on SSH, FTP, RDP, HTTP)
  • Cross Site Scripting
  • SQL Injection
  • … and much more!

The scope of attacks that Enginsight detects and blocks can be extended to include those described in the SNORT Communiy Rules. Thus, the IDS/IPS also covers more specific attacks, for example on certain applications. For example, attacks on Microsoft IIS or Exchange Server, attempts to access sensitive data on a web server or CGI attacks can be identified. With just one click, SNORT Community Rules can be activated to benefit from advanced detection capabilities.

  • Detect and block attacks on specific software
  • benefit from the large scope of SNORT Community Rules

Detection and blocking levels can be assigned to all servers and clients according to their protection needs. This brings security, performance and availability into the ideal balance. By grouping servers and clients beforehand using the tag system, the user can then set the desired levels for the groups using a simple slider.

  • Easy configuration
  • Take over risk assessments
  • Align security, performance and availability

In the platform, Enginsight consolidates the network attacks detected on all servers and clients. IP addresses, origin and attack vectors used can be viewed here. Each attack is rated according to urgency (high, medium, low).

In addition, Enginsight analyzes the stage the attacker has already reached: from information gathering, to trying to gain access, to spreading to other systems in the network. Responsible persons can be informed about critical conditions with an alarm.

  • An overview of all attacks in the IT environment
  • Analysis and evaluation of the attacks
  • Inform responsible persons automatically

Customized whitelist entries can be used to define unusual but harmless behavior to ensure availability and smooth operation. For example, a whitelist entry is the right choice to allow the software component of Enginsight’s penetration testing to work properly. But other harmless activities on the network can also be handled specifically by IP address, attack vector, protocol and software.

But enough reading now!
A software says more than a thousand words.
Scan your IT for potential vulnerabilities now and pentest your IT - all included in the 14-day trial.