When a user attempts to connect to a malicious website and download a known threat, the threat
passes through SEP’s Firewall, Intrusion Prevention System (IPS), and Download Insight in that order.
This layered approach helps prevent threats at different stages of the attack chain.
Threat Path Through SEP Protection Features:
Firewall: Blocks or allows network connections based on policy, filtering initial traffic to potentially
dangerous sites.
IPS: Monitors and blocks known patterns of malicious activity, such as suspicious URLs or network
behavior, providing another layer of defense.
Download Insight: Analyzes file reputation and blocks known malicious files based on reputation
data, which is especially effective for files within archives like .rar files.
Why This Order is Effective:
Each layer serves as a checkpoint: the Firewall controls network access, IPS scans for malicious traffic,
and Download Insight assesses files for risk upon download, ensuring thorough protection.
Why Other Orders Are Incorrect:
Options with Download Insight or IPS preceding the Firewall do not match SEP’s operational order of
defense.
Reference: SEP’s multi-layered protection approach involves firewall and IPS filtering prior to
download reputation analysis, enhancing overall system security.
