
Radware DefensePro

Emil Shrestha
December 11, 2024 08:11

General Description

Radware DefensePro provides real-time network attack prevention solutions. It enables devices inside a network to communicate with each other to collect automatic updates of normal traffic baselines, detect behavioral patterns and obtain attack footprints. The application consists of RadwareDefenseProCompiledNormalizer, which normalizes Radware DefensePro events.

For LogPoint v6.7.0 or later For LogPoint v6.0.0 to v6.6.6

Release Details

Release Date: December 12, 2022

Release Version: 5.0.1

Download: RadwareDefensePro_5.0.1.pak

SHA256: 5c9e4269cb04611b6f9cdd23c9e5f163ec8e6a22aabce17e6534305c066c933a

Documentation: Radware DefensePro guide

Enhancement

A minor update was made to the application’s normalizer for better signature handling.

Release Details

Name: Radware DefensePro

Version: 3.3.0

Supported On: LogPoint v6.0.0 to v6.6.6

Release Date: 2020-05-14

Document Date: 2020-05-14

Download: RadwareDefensePro_3.3.0.pak

SHA256: faea942cffad29c3509f51b3794230e9a6fe76966f5153db9d0f456c204c5fa9


Package Details

The application consists of the following components:

  1. Normalization Packages
    • LP_Radware DefensePro 
    • LP_Radware DefensePro AppVision 3_4 
  2. Compiled Normalizer
    • RadwareDefenseProCompiledNormalizer

Enhancement

A minor update was made to the application’s normalizer for better signature handling.

Installation 

Follow these steps to install the Radware DefensePro v3.3.0 application:

  1. Download the Radware DefensePro package from the Download section above.
  2. Add Radware DefensePro as the required device in LogPoint.
  3. Create a collection policy with the Syslog Collector and appropriate processing policy.  
  4. Assign the collection policy to the device.

Supported Device

The supported device of Radware DefensePro with LogPoint in this configuration is:

  • Radware DefensePro

Log Format

Expected Log Format

Syslog

Log Samples

DefensePro: 17-11-2016 15:11:16 WARNING 350 Anti-Scanning "TCP Scan (horizontal)" TCP 1.1.1.1,1.1.1.1 0 0.0.0.0 22 0 Regular "Global" ongoing 11 5 N/A 0 N/A medium drop FFFFFFFF-FFFF-FFFF-05C3-000155B90F67#000

DefensePro: 27-08-2015 15:11:16 WARNING 350 Anti-Scanning "TCP Scan (horizontal)" TCP 9.1.4.1 0 0.0.0.0 22 0 Regular "Global" ongoing 11 5 N/A 0 N/A medium drop FFFFFFFF-FFFF-FFFF-05C3-000155B90F67#000

DefensePro: 27-08-2015 15:11:16 WARNING 350 Anti-Scanning "TCP Scan" TCP 8.5.7.2 0 0.0.0.0 0 0 Regular "Global" ongoing 0 0 N/A 0 N/A medium drop FFFFFFFF-FFFF-FFFF-002B-000155B90F67#000

DefensePro: 01-04-2012 19:49:25 WARNING 300000 Intrusions "BO-WINXP" TCP 192.168.x.xxx 1607 192.1xx.x.xxx 80 3 Regular "DMZ-Policy" occur 1 0 N/A 0 N/A low drop FFFFFFFF-FFFF-FFFF-0001-00004F7B1BE5
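A parser for the syslog layout shown in the samples above, added here as an example; it is not part of the Radware DefensePro application or LogPoint's normalizer. The field names are assumptions inferred from the token order in the samples, and the function names are hypothetical.

```python
import shlex

PREFIX = "DefensePro: "
# Field names are assumptions inferred from token order in the page's samples;
# they are not LogPoint's normalized field names.
FIELDS = [
    "date", "time", "severity", "attack_id", "category", "attack_name",
    "protocol", "source_address", "source_port", "destination_address",
    "destination_port", "physical_port", "context", "policy_name",
    "attack_status", "packet_count", "bandwidth", "vlan_tag", "mpls_rd",
    "mpls_tag", "risk", "action", "unique_id",
]

def parse_event(line):
    """Parse one DefensePro syslog line into a dict; raise ValueError if malformed."""
    if not line.startswith(PREFIX):
        raise ValueError("missing DefensePro prefix")
    # shlex keeps quoted values such as "TCP Scan (horizontal)" as one token
    # and raises ValueError on an unbalanced quote.
    tokens = shlex.split(line[len(PREFIX):])
    if len(tokens) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(tokens)}")
    event = dict(zip(FIELDS, tokens))
    # One sample carries a comma-separated source list; keep every entry.
    event["source_address"] = event["source_address"].split(",")
    for key in ("source_port", "destination_port", "packet_count"):
        event[key] = int(event[key])  # non-numeric values are rejected
    return event

def split_events(blob):
    """Split text in which several events were run together on one line."""
    parts = blob.split(PREFIX)
    return [PREFIX + p.strip() for p in parts[1:] if p.strip()]

# Two of the page's log samples, joined on one line as forwarded text may be.
SAMPLE = (
    'DefensePro: 27-08-2015 15:11:16 WARNING 350 Anti-Scanning "TCP Scan (horizontal)" TCP 9.1.4.1 0 0.0.0.0 22 0 Regular "Global" ongoing 11 5 N/A 0 N/A medium drop FFFFFFFF-FFFF-FFFF-05C3-000155B90F67#000 '
    'DefensePro: 01-04-2012 19:49:25 WARNING 300000 Intrusions "BO-WINXP" TCP 192.168.x.xxx 1607 192.1xx.x.xxx 80 3 Regular "DMZ-Policy" occur 1 0 N/A 0 N/A low drop FFFFFFFF-FFFF-FFFF-0001-00004F7B1BE5'
)

if __name__ == "__main__":
    for raw in split_events(SAMPLE):
        e = parse_event(raw)
        print(e["attack_name"], e["source_address"], e["destination_port"], e["action"])
```

A line that fails the field-count check is worth routing to a review queue rather than dropping, since it can indicate a firmware format change the normalizer will also miss.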

To export data to LogPoint, use the Syslog Collector on port 514 on the LogPoint server.


Support

If you have any queries or require assistance, please feel free to contact our support team: 

Email: servicedesk@logpoint.com
Phone: +45 7060 6100
