Tunneled IP traffic access control and inspection
IP tunneling security
Malicious network communication is trivial to hide inside IP
tunnels such as "HTTP over TCP over IPv6 over IPv4". Such traffic routes through networks
without problems.
Most intrusion prevention systems would not notice if such traffic were used for
malicious purposes such as Trojan communication.
Stonegate IPS provides comprehensive access control and deep inspection of up to three nested IP
layers by default.
If more IP layers are present, the administrator can define whether the network traffic is allowed
or discarded.
Supported IP tunneling methods
- IPv6 encapsulation
- IPv4 encapsulation (IP-in-IP)
- GRE (IPv4, IPv6)
Benefits
- Granular access control for nested IP layers. When multiple IP layers are present, each layer
is separately matched against access rules.
- Visibility into IP-encapsulated network traffic. IP-in-IP encapsulation is a trivial method used
for communicating "under the radar" in internal networks, and in some cases through a firewall,
too.
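
The per-layer matching and the depth limit described above can be sketched as follows. This is an added illustration, not Stonegate's implementation; the function names, the blocked-network rule format and the sample addresses are assumptions, and IPv6 extension headers are not handled.

```python
import ipaddress
import struct

IPIP, IPV6, GRE = 4, 41, 47   # IANA protocol numbers for the tunnel types listed above
MAX_LAYERS = 3                # default inspection depth stated on the page

def parse_layers(buf):
    """Return [(src, dst, next_proto), ...], one entry per nested IP header."""
    layers = []
    while buf:
        version = buf[0] >> 4
        if version == 4 and len(buf) >= 20 and (buf[0] & 0x0F) >= 5:
            src, dst, proto, hlen = buf[12:16], buf[16:20], buf[9], (buf[0] & 0x0F) * 4
        elif version == 6 and len(buf) >= 40:
            src, dst, proto, hlen = buf[8:24], buf[24:40], buf[6], 40
        else:
            break                               # truncated or not an IP header
        layers.append((ipaddress.ip_address(src), ipaddress.ip_address(dst), proto))
        buf = buf[hlen:]
        if proto == GRE and len(buf) >= 4:
            flags, ptype = struct.unpack("!HH", buf[:4])
            if ptype not in (0x0800, 0x86DD):   # GRE payload is not IPv4/IPv6
                break
            # 4-byte base header plus 4 bytes each for checksum, key, sequence
            buf = buf[4 + 4 * bin(flags & 0xB000).count("1"):]
        elif proto not in (IPIP, IPV6):
            break                               # innermost layer reached
    return layers

def verdict(packet, blocked_nets, allow_deeper=False):
    """Check every IP layer against the same rule set, not only the outer one."""
    layers = parse_layers(packet)
    if len(layers) > MAX_LAYERS and not allow_deeper:
        return "discard"                        # admin policy for deeper nesting
    for src, dst, _ in layers[:MAX_LAYERS]:
        if any(src in net or dst in net for net in blocked_nets):
            return "discard"
    return "allow"

def ip4(src, dst, proto, payload=b""):          # builders for constructed samples
    s, d = (ipaddress.ip_address(a).packed for a in (src, dst))
    return struct.pack("!BBHIBBH4s4s", 0x45, 0, 20 + len(payload), 0, 64, proto, 0, s, d) + payload

def ip6(src, dst, nxt, payload=b""):
    s, d = (ipaddress.ip_address(a).packed for a in (src, dst))
    return struct.pack("!IHBB16s16s", 0x60000000, len(payload), nxt, 64, s, d) + payload

BLOCKED = [ipaddress.ip_network("203.0.113.0/24")]   # constructed rule
INNER = ip4("10.0.0.5", "203.0.113.9", 6)            # constructed inner packet
SAMPLE = ip4("192.0.2.1", "192.0.2.2", IPV6, ip6("2001:db8::1", "2001:db8::2", IPIP, INNER))
```

The outer header of `SAMPLE` matches no rule; only the third layer does. With `allow_deeper=True`, layers beyond the third pass uninspected.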