Last week TSplus released an important update to Advanced Security, the cybersecurity program for remote access environments. Version 6.3 includes a useful new feature that will drastically increase server security: Hacker IP Protection. Let's take a quick look at it.
IRVINE, Calif., June 15, 2022 (Newswire.com) - TSplus Advanced Security is a software specifically designed to secure the vulnerabilities inevitably created by the use of Remote Desktop. Installed on a Remote desktop or Gateway server, it protects servers and connections with a broad toolbox of security features, such as access restriction by time, geographic area and device, and protection against ransomware attacks.
A Multi-Sourced 6 Million Hackers IP Database
Advanced Security 6.3 new Hacker IP protection aims to protect systems against known cyberthreats such as on-line attacks, on-line service abuse, malwares, botnets, and other cybercrime activities.
To do so, the program blocks traffic from millions of malicious IP addresses based on a daily updated and multi-sourced database:
- External source: List of well-known malware, frequently updated and synchronized with Advanced Security
- Crowdsourcing: The Advanced Security community participate in building and correcting the database over time
An event is displayed each time the Hacker IP list has been synchronized. The list is long and therefore the protection powerful: users can see already about six million IP addresses blocked from the moment they enable it.
How does it work?
The feature acts like an additional security system creating new rules in the existing firewall (compatible with the Windows firewall and the TSplus built-in firewall), preventing access from and to the malicious IPs. The blocked IPs are added to the Advanced Security centralized Blocked IP Addresses list (which also gathers IPs blocked by the Homeland and Brute-Force features).
Every new address blocked by a majority of users is added to the block-list. And vice versa, when an address is unblocked/whitelisted by a certain number of users, it is removed from the database.
To benefit from a constantly up-to-date Hackers database and keep the protection efficient, customers must subscribe to the TSplus Support/Update service. The IP list is then silently updated every day, although the customer can also disable this automatic refresh or/and do it manually by clicking on the "Refresh Hacker IP" button.
More info can be found in the user guide.
Simplified Navigation to Enable Fast Actions on Security
To improve search and navigation through the security event log, there have been a few changes. Feature status at the top of the list is now clickable. This enables one-click access to a wide range of features. Additionally, a series of action buttons are now visible at the bottom of the event log (copy address, unblock, add to the while list...).
Others changes and fixes can be checked in the online changelog.
Note: the feature is disabled by default.
Source: TSplus Corp