Imunify360 - Overview & Configuration

Overview

Imunify360 is a security solution for Linux web servers based on machine learning technology. It uses a six-layer approach to provide total protection against all types of malicious attacks and abnormal behavior, including distributed brute force attacks.

Features:

  • Advanced Firewall with herd immunity and artificial intelligence for detecting new threats and protecting all servers that run the software - capable of defending against brute force attacks, DoS attacks, and port scans.
  • Intrusion Detection and Protection System - a comprehensive collection of “deny” policy rules for blocking all known attacks.
  • Malware Scanning - automatically scans file systems for malware injections and quarantines infected files.
  • Patch Management - rebootless Secure Kernel powered by KernelCare keeps the server secure by automatically patching kernels without having to reboot the server.
  • Website Reputation Monitoring - checks whether websites or IPs are blocked by any blacklists and notifies you if they are.

 

Terminology

  • Black List – list of IPs that Imunify360 has blocked automatically, without access to CAPTCHA, and IPs that a user has blocked manually.
  • Gray List – list of IPs that will be redirected to CAPTCHA to pass verification. Once an IP passes CAPTCHA, it is unblocked and removed from the Gray List.
  • White List – list of IPs that will not be blocked in any case.
  • Sensor – third-party applications and services that act as agents to detect different types of suspicious activity. The Imunify360 central server also serves as one of the sensors.
  • IDS – Intrusion Detection System, a software application that monitors a network or systems for malicious activity or policy violations.
  • Incident – a detected event on the server that is qualified as suspicious activity.
  • Ignore list – list of files and folders that the Malware Scanner will ignore during automatic and manual scans.

 

Configuration and Management

You can access Imunify360 through your Gate.com Server Manager. For detailed instructions on accessing Gate.com Server Manager, you may visit this article.

Navigate to the Imunify360 section on the left sidebar:

Dashboard - This tab provides an overview of your protection status along with a history of alerts for a specified time period.

Incidents - This tab displays a chronological list of past threats to your site that were neutralized by Imunify360. You can also review these incidents and add the respective IP addresses to your white or black lists.

Firewall - This tab contains your Black and White lists and lets you manage them. You can also view your Gray List from here (the IPs that are forced to pass a CAPTCHA test before being allowed to connect).

Malware Scanner - Perform malware scans of your website files. This tab also contains your Ignore List, where you can add specific files to be ignored by the malware scanner.

Proactive Defense - This feature can be configured to either log suspicious PHP-based events (Log only) or terminate them outright (Kill Mode).

Reputation Management - This tab lets you manage your domains' reputation. If one of your domains is blacklisted somewhere, it will show up on this tab along with details on the blacklisting authority which listed it.

KernelCare - KernelCare, a feature of Imunify360, keeps your server’s kernel secure by automatically patching it, without the need to reboot servers. The KernelCare agent checks for new patches every four hours and automatically applies them to the running server without any performance impact.

  • The Effective Kernel Version displays the version to which KernelCare has patched the running kernel.
  • The Real Kernel Version shows you the version of the kernel that the system was last booted with.
  • The Update mode toggle allows you to switch automatic kernel patching on or off.
  • The Uptime displays your system uptime in days.