- About Us
- Security Center
The ThreatSTOP IP Firewall is a cloud based solution that enables your existing firewalls and routers to block inbound and outbound communications to cyber-criminal’s command and control (C&C) architecture. The service prevents data theft, reduces network load and attack surface. It is deployable within an hour without the expense, complexity and delay of hardware upgrades, network reconfigurations, retraining or manual updates. With auto-updates to ensure up-to-date protection without creating additional overhead and powerful reporting that details compromised devices on your network.
ThreatSTOP's IP Firewall technology lives in the cloud and provides a list of active bad IP addresses to your existing firewalls that is updated in near real time via a patented distribution mechanism. When a Bot or other malware attempts to "call home," ThreatSTOP IP Firewall prevents this from happening by blocking the communication to the criminals' computers.
The ThreatSTOP IP Firewall service works with any firewall, or other traffic management device, that can make a forwarding decision based on a DNS lookup. For systems without that native capability, it is simple to write scripts on the management stations that update rules using lists retrieved from DNS. Below we have - as well as the generic overview - implementation details for a number of the most common firewalls.
For firewalls that we do not currently support directly, we recommend that customers deploy a software firewall (e.g. Vyatta or pfSense) in bridge mode behind the firewall. This deployment method has been used successfully by many of our customers to identify and block botted machines on their networks.