IP Reputation Scores: Additional Security for SMBs

Cybercriminals continue to find new ways toto deliver malware, DDoS and other attacks. These attacks can have substantial consequences for businesses and their stolen customer data.

But what can small businesses and organizations do to prevent these attacks from happening?

IP Reputation Scores: Additional Security for SMBs

To keep up with the increased volume of attacks stemming from websites, emails, malicious files etc., network administrators need timely and accurate tools to enforce safe web usage policies and to ensure that only trusted content is allowed onto the corporate network. IP Reputation Scoring is a key component in building effective and secure connections between users and services on the Internet.

IP Reputation Scores review several characteristics of an individual IP Address and give an analysis-based score of how likely a particular IP Address is to deliver attacks, such as malicious payloads, DoS attacks or other malware.

As defined by the Webroot BightCloud® IP Reputation Index, IP reputation and threat level assessments can be categorized as follows:

  • High Risk – high predictive risk that these IPs will deliver attacks, such as malicious payloads, DoS attacks, or others.

  • Suspicious – higher than average predictive risk that these IPs will deliver attacks to your infrastructure.

  • Moderate Risk – generally benign IPs but have exhibited some potential risk factors.

  • Low Risk – Benign IPs and rarely exhibit characteristics that expose your infrastructure and endpoints to security risks.

  • Trustworthy – Clean IPs that have not been tied to a security risk.

For network administrators or MSPs who work in severely content-sensitive environments, such as a bank or medical office, setting policies to block any IP address with a Moderate to High Risk IP Reputation score can serve as a critical element of a comprehensive cybersecurity infrastructure.

With cyber criminals increasing their attack frequency year after year, network admins and security professionals need to continue to adapt their security solutions to protect the gateway from all directions.

Untangle’s Threat Prevention App

Threat Prevention is the latest application from Untangle, adding an additional layer of insight and security for NG Firewall users. Threat Prevention scans IP addresses, blocking or granting access to web and application-based content after a complete analysis of the IP address reputation.

This new technology analyzes web pages, web page associations, applications and files and acts as a gatekeeper determining what is allowed, or not allowed onto the corporate network, based on the assessed Threat Risk level. The Threat Prevention App can evaluate even encrypted Internet traffic which hackers and cyber criminals are hiding behind with their malicious code and sneaky attacks.

Untangle’s Threat Prevention App, layered with the advanced applications currently available on Untangle NG Firewall, such as Web Filter, and Virus Blocker, allow system administrators to protect the network against malicious activity. SMBs and organizations now have multiple battalions of protections working on their behalf to seek out and block malicious activity that might come from any entrance point. Any incoming threat will be stopped by one, two, or all of Untangle’s protective apps before it can reach the company network.