What is eguardo?
Did you ever realise how hard it is to configure the Windows Firewall? Even if you have the best configuration, the primivite infrastructure of the firewall itself won't allow you to analyze or block threats when they occur. eguardo is a security and instrusion detection software designed to secure several network services.
In general, eguardo watches the network services and their logs to generate system behaviour and immediately determines unusual network traffic. With the correct actions, eguardo will prevent the attacker to leak into your system.
eguardo is not only dependent to services and their logs, it analyzes many indicators of the underlying system to take the right defensive action.
Beside generating security rules dynamically, eguardo also uses a global black list. This black list consists of many blocked IP addresses gathered from eguardo installations worldwide. With the help of the black list, eguardo will protect your system before the attacker can detect your vulnerabilities.
eguardo analyzes your network traffic and decides who to block in a manner of time based on the rules defined. eguardo is not a firewall, it is a supporting tool for firewalls (for now, eguardo supports native Windows Firewall).
With the help of eguardo open API, you can compile your own modules to protect any kind of network enabled service by using libraries delivered with the installation. You can see the working examples including Microsoft .NET and PHP from our developer corner online.
eguardo protects for
- Remote Desktop (RDP) threats
- Microsoft FTP Server threats
- Internet Information Service threats
- Microsost Asp.Net WebForms / Services / Applications threads
- MSSQL Server threats
- MySQL Server threats (V5.7 And Upper)
- SMTP threats
- Microsoft Exchange Oulook Web Access (OWA) threats
- Microsoft Sharepoint Portal threats
- Microsoft CRM threats
- Microsoft Lync Server threats
- Custom Application threats using eguardo developer API
- Forward all thread info to custom application using eguardo Event Propagation API
eguardo is not another firewall!
With the comprehensive firewall scripting technique, eguardo can control any firewall with SNMP, telnet or through SOAP API. Built-in functionality for Windows Firewall
and Cisco IOS devices doesn't require any scripting to start blocking offensives.
What typically eguardo do?
eguardo simply listens Windows log files or flexible net-flow data from Cisco to analyze network traffic and based on the given credentials, eguardo blocks offenders using native Windows Firewall or through your gateway. eguardo also checks it's comprehensive global black list through the fingerprint analysis. If previously blocked offensive is located in the global black list, the offensive will be automatically blocked. Global Black List is gathered from thousands of eguardo installations and web sites using eguardo API worldwide. The fingerprints are analysed and based on certain rules they are added to eguardo black list. Currently more than 100 thousand IP addresses are in the black list.
Supported Operating Systems
eguardo is tested & known to work with the operating systems below:
|Operating System||Standard Edition||Professional Edition||Enterprise Edition|
|Microsoft Windows Vista|
|Microsoft Windows 7|
|Microsoft Windows 8|
|Microsoft Windows 10|
|Microsoft Windows Server 2008|
|Microsoft Windows Server 2008 R2|
|Microsoft Windows Server 2012|
|Microsoft Windows Server 2016|
||Buy Standard Edition
||Buy Pro Edition