FAQ

npcore [Zombie ZERO Inspector] How is the system of ZombieZERO Inspector composed?
ZombieZERO Inspector is composed of the [ZombieZERO Detector] detection system, which detects and responds to APT attacks coming in over the network; the [ZombieZERO Analyzer] analysis system, which provides a detailed analysis using a sandbox-based virtual system; and the [Integrated Management Monitoring System], which manages the system centrally. If the network traffic volume is small, the Detector and Analyzer systems can be integrated.
npcore [Zombie ZERO Inspector] How does the collection of files flowing in over the network work?
ZombieZERO Inspector collects files carried by incoming protocols on the network through TAP mirroring or port mirroring. This has the advantage of not affecting network load or system operation.
npcore [Zombie ZERO Inspector] Which network protocols are collected, and which file extensions can be collected?
ZombieZERO Inspector basically collects files that flow through the Web, FTP, SMTP, IMAP, POP, etc. It collects executable and compressed files such as EXE, DLL, ZIP, RAR, etc., and document files such as PDF, MS Office, and HWP. In addition, it collects incoming files with more than 30 different extensions.
npcore [ZombieZERO Agent] What’s the difference between [ZombieZERO Agent] and the existing anti-virus software?
Existing anti-virus software can detect and block only known malicious code using the signature-based (pattern matching) method, and it is vulnerable to attack. ZombieZERO Agent detects and blocks using both signature-based and real-time behavior-based methods, so it allows an immediate response to threats from unknown new/variant malicious code as well as known malicious code. Therefore, unlike anti-virus software, ZombieZERO Agent can respond perfectly to zero-day attacks. Anti-virus software must perform periodic pattern updates to detect and treat new malicious code, but ZombieZERO Agent detects and blocks the malicious behavior attempted by infiltrated malware by applying a real-time behavior-based engine rather than pattern matching, so the Agent does not require extra pattern updates to detect and treat new/variant malware.
npcore [ZombieZERO Agent] What kind of OS can ZombieZERO Agent be installed on?
It can be installed on operating systems such as Windows XP, Windows 7 (32-bit/64-bit), Windows 8 (32-bit/64-bit), and Windows 8.1 (64-bit).
npcore [ZombieZERO Agent] Is it possible to interwork with other network systems?
It can interwork with network security switches and other network systems and security solutions through customization. If you have a related question, please contact sales@npcore.com or the sales department [+82-2-1544-5317 (ext.2)].
npcore [Misc.] What does Zero-Day Attack mean?
It means a security attack that abuses a vulnerability once the vulnerability has been discovered, before it is widely publicized. With well-known anti-virus software, when a vulnerability is discovered on a PC, the manufacturer or developer distributes a patch to compensate for the vulnerability, and the user can cope by downloading this patch. A [Zero-Day Attack] is carried out before this remedy comes out, so there is no choice but to be attacked defenselessly until the security patch comes out. Therefore it can seriously damage the intranets of businesses as well as individuals.
npcore [Misc.] What does APT mean?
Advanced Persistent Threat (APT) is a new hacking technique used by cyber criminals to persistently attack target victims using various methods (e-mail, web, etc.) until their objectives are achieved.
npcore [Misc.] What’s the difference between [ZombieZERO] and the existing security solutions such as firewall, IDS/IPS, anti-virus?
A firewall or next-generation firewall controls access based on allowed IP addresses and allowed protocols, so it has difficulty blocking malware that enters via applications. IDS/IPS detects and blocks packets entering via the network using a signature-based method, so it has difficulty detecting and blocking unknown malware that enters in network packets. Anti-virus software detects and blocks known malware via signature matching, so it has difficulty responding in real time to attacks that infect through unknown new/variant malware. ZombieZERO, on the other hand, overcomes the limitations of these traditional signature-based security solutions: it provides a primary response that detects malware in files entering via the network using a behavior-based analysis engine.
npcore [ZombieZERO Agent] Won't conflicts occur when I install ZombieZERO Agent, since many applications are already installed on the PC?
A typical security solution installed on a PC is installed at the OS application level, which affects the risk of conflicts between programs and PC resources. ZombieZERO Agent, however, is installed as a kernel driver (network driver), so it minimizes PC resource usage as well as the risk of conflict with other programs. Therefore it can be operated stably.