When you think of IT attacks, you may think of targeted attacks against a company. But a large part of attacks are attackers going from company to company, from server to server, trying to attack everything they can in the hopes of gaining access somewhere, or just to inconvenience and disrupt. These attackers cast a broad net and often reappear across different companies.

To help combat this type of attack, Syspeace has developed the Global Blocklist. Here’s how it works.
  • When a server running Syspeace blocks an external IP address, the block is registered in the Syspeace central database.
  • This database is scanned a number of times each day looking for patterns. When a blocked address is seen repeatedly at a number of our customers, Syspeace identifies the intruder as a widespread threat and then adds the IP number of the attacker to the Global Blocklist.
  • Repeatedly throughout the day, a snapshot of the most recent and most persistent attackers is distributed to all Syspeace users, so that all customers can benefit from preemptive blocking of known intruders.

The Syspeace Global Blocklist turns detection in one place into pre-emptive blocking in many other places. All Syspeace customers benefit from seeing the combined effort across all Syspeace servers.

Because it is based on real, recently detected intrusion attempts, the Global Blocklist is relevant. Because it includes the IP addresses that are most worth blocking up front right now and excluding attackers that were active last week but aren’t active now, the Global Blocklist is agile. Because it is based on intrusion attempts across multiple customers and multiple servers, it is also highly unlikely to contain false positives.

Syspeace Realtime Blocklist packages a large blocklist based on a wider and longer term look at the same information, for use in a firewall or other external system via our API.

Learn more…

  • Private: Realtime Blocklist

    What is it? Syspeace Realtime Blocklist is an Intrusion-Prevention-as-a-service (IPaaS) product that blocks known offenders at the datacenter firewall level. It gives you enhanced protection against hacking attempts and guards you against the deployment of ransomware, malware, and viruses. How do I benefit from Syspeace Realtime Blocklist? Syspeace Realtime Blocklist is a Global Blocklist ...

    Private: Realtime Blocklist

Scroll to Top