I-series sBDS_new

Hillstone I-Series Server Breach Detection System (sBDS)

Key features

  • Threat Correlation Analytics
  • Correlation among unknown threats, abnormal behavior and application behavior to discover potential threat or attacks
  • Multi-dimension correlation rules, automatic daily update from the cloud

See more on the Cyber Kill Chain.

Product Description

The Hillstone sBDS solution is a key component of Hillstone’s Intranet security portfolio, protecting critical assets such as servers, and leveraging Hillstone’s unique behavior-based threat detection technology to detect compromised hosts and threats within the intranet. Deployed in front of critical servers, Hillstone sBDS monitors server behavior and establishes a behavioral baseline. When the pattern changes, the advanced behavior detection engine alerts the other parallel engines of the event, where it is quickly pinpointed, characterized, and the IT security team is notified of the action with all of the pertinent information. The Hillstone sBDS solution is often tapped into an enterprise internal network traffic, and complement existing perimeter protection, such as Next-Generation Firewall (NGFW) and Network Intrusion Prevention System (NIPS).

Comprehensive threat correlation analytics for advanced threat detection

Hillstone’s threat correlation engine analyzes the details of the relationships of each individual suspicious threat event as well as other contextual information within the network, in order to connect the dots and provide accurate and effective malware and attack detection with high confidence levels.


Real-time risk monitoring for internal networks and critical assets

HIllstone sBDS allows admins to define critical assets based on their business operation priority, inspect all traffic that pass through the assets with advanced threat detection functions, and show risk and threat details for each critical asset.


Full life cycle threat visibility and insight through the cyber kill chain

Hillstone sBDS – beyond just detecting the threat – maps the threat events to the cyber kill chain (CKC) model and provides deep insights into the post-breach threat attack path inside the compromised network. Security administrators can understand more about each stage of the attack and take proper action to stop exfiltration of sensitive data from the internal network.