Network Intelligent Defense System UniNID

Next-Generation Network Access Control System

Contact Now

Product Overview

Leagsoft’s Network Intelligent Defense System (UniNID) innovatively integrates network intelligent access, network threat and abnormal behavior detection, smart baiting, and threat mitigation technologies, establishing a next-generation intelligent network security infrastructure.

Powered by Leagsoft’s proprietary data processing engine and enhanced by high-quality data sources and machine learning, UniNID helps enterprises identify internal network security risks. It uses active deception techniques and dynamic "Honeypot" systems to detect known and unknown threats in real-time with precision.

By deploying intelligent access controls along the network perimeter, UniNID accurately locates and addresses risks through a "hardened perimeter" defense strategy. UniNID is the ideal solution for organizations looking to defend against ransomware, botnet infections, and other APT (Advanced Persistent Threat) attacks. It provides robust capabilities for threat detection, risk assessment, and regulatory compliance.

In addition to standalone deployment, UniNID can be seamlessly integrated with products like Leagsoft UniEDR, offering a more comprehensive and layered approach to security protection.

Key Capabilities

Network Deployment & Control
Compliance Checking
Risk Detection & Forensics
Anti-APT Protection & Ransomware Defense
Risk Mitigation
Network Deployment & Control
Asset Discovery: Automatically and in real-time, identify all online assets across the network, with the ability to classify them accurately.
Boundary Control: Offers two authentication modes—forced authentication and intelligent authentication—enabling device fingerprint-based authentication as well as user account verification. Devices failing authentication are automatically blocked or isolated from network access.
Resource Access Control: Automatically applies ACLs (Access Control Lists) at network access points based on device type, security status, fingerprint characteristics, and user identity to regulate access to network resources.
Dynamic "Honeypot" Deployment: Dynamically generates a large number of decoy devices based on online user devices, using active decoy techniques to lure and trap malicious activities onto these phantom devices.
Compliance Checking
Vulnerability Awareness: Supports detection of weak passwords for services like cameras, SSH, FTP, and Telnet; conducts high-risk port scanning; and performs vulnerability assessments.
Baseline Compliance Checks: Automatically identifies non-compliant settings such as improper file sharing, anonymous logins, patch servers, DNS servers, and proxy servers.
Software Installation Compliance: Automatically verifies the installation of necessary compliance software, such as antivirus programs.
Risk Detection & Forensics
Dangerous Behavior Detection: Intelligent detection of abnormal access or attacks on high-value assets; automatic detection of known dangerous behaviors; and smart identification of unknown risky behaviors.
Anomalous Behavior Detection: Smart detection of anomalies such as device spoofing, slow attacks, abnormal connections, unusual traffic, irregular protocols, abnormal domain or IP access, out-of-hours access, and access from unusual locations.
Anti-APT Protection & Ransomware Defense
APT Attack Detection: Automatically detects APT attack behaviors, including ransomware, phishing malware, and cryptocurrency mining trojans.
Integration with Leagsoft UniEDR: Works in tandem with Leagsoft UniEDR for attack traceability, allowing for a detailed reconstruction of attack timelines.
Automatic Alerts and Blocking: Automatically generates alerts and blocks APT attack behaviors, such as malware and trojans.
Risk Mitigation
Control: Initiate remediation actions such as redirecting to repair, offline devices, or re-authentication.
Forensics: Provides a panoramic view, risk trends, attack pathways, and forensic reports for detailed analysis.
Alerts: Sends notifications to the event center (SOC/SIEM), administrators, and users for prompt awareness and response.

Advantages

Asset Identification & Intelligent Access Control
Based on Leagsoft's best practice asset identification library, it can quickly and effectively identify IoT assets.
The device uses a bypass deployment approach, eliminating the need to modify existing network topologies, with simple configuration and plug-and-play functionality.
No client software installation or configuration changes are required on the endpoint devices to perform security baseline compliance checks.
Supports up to 40Gbps of network traffic per device, with options for both distributed and centralized deployment. The management center supports linear scalability (clustered deployment).
Precise Risk Identification
Blacklist Identification: The blacklist includes both proprietary and third-party threat intelligence.
Dynamic Honeypot: Accurately captures network attack behaviors through dynamic decoys.
High-Quality Data and AI Algorithms: Achieves precise identification through high-quality big data and AI algorithms. High quality refers to data being collected and processed directly from the source to avoid distortion.
Additionally, high quality is characterized by a wide array of data dimensions, such as device type, security status, user identity, access location, access time, network behavior, target objects, and usage patterns.
Detection of Unknown Attacks
Dynamic Honeypot: Identifies attacks without needing prior knowledge of the attack type by using decoy tactics to lure attackers.
Big Data & Machine Learning: Leverages big data and machine learning algorithms to discover unknown attack types through methods like profiling, correlation analysis, and suspicious domain analysis.
Security Visualization
Asset Visualization: Automatically discovers network assets and identifies high-value assets (e.g., databases, source code servers, domain controllers, ERP servers, etc.). Visualizes asset status, type, location, and user information.
Behavior Visualization: Automatically recognizes device and user behaviors, providing a visual representation of access relationships and usage habits.
Attack Visualization: Intelligent detection of network attacks, with visual representation of the attack path, lateral movement, attack methods, and more.

Key Benefits

  • Asset Discovery

    Accurately and promptly detects intrusions, protects high-value assets, and prevents data destruction and leakage.

  • Intelligent Detection

    Enhances efficiency by automating and streamlining security compliance and management tasks, making security operations simpler and more effective.

  • Scalability & Integration

    Offers a high return on investment by integrating with existing NAC systems, providing a single solution to address multiple security challenges.

  • Next-Generation Access Control

    As intelligent security defense becomes the future, NID (Network Intrusion Detection) represents the next generation of network security infrastructure.

Business Scenarios

Agentless Intelligent Access Control
Enterprise endpoints can achieve secure access without the need for any agent installation. Devices across the corporate network—including servers, network equipment, mobile terminals, and peripheral devices (such as printers and cameras)—can be authenticated via "fingerprint" recognition.
Network Security Asset Management
Utilizing various technologies, it enables the timely and accurate discovery of all network assets, providing precise identification of device types. This facilitates full lifecycle management of assets. By integrating with UniCSM, it enables comprehensive attack surface management.
Anti-APT & Anti-Ransomware
In collaboration with Leagsoft's ESPP series products, it enables real-time detection of both known and unknown threats, preventing the spread of these threats and minimizing enterprise risk exposure.
Video Network Access & Anti-Spoofing, IoT & Industrial Control Network Protection
In environments like IoT (e.g., medical systems, government surveillance projects, smart cities) and industrial control networks (such as SCADA and other ICS), it ensures device access control, anti-spoofing, and advanced threat protection to meet stringent security requirements.