NetScreen claims to reduce false positives. How is this achieved exactly?
It is through the implementation of both multiple detection methods and a rulebased management system that we are able to increase detection accuracy. By combining eight detection methods, including Stateful Signature Detection and Protocol Anomaly Detection, NetScreen-IDP is capable of detecting a greater number of attacks than all other devices that just use a few methods. Because Stateful Signatures only look for attacks in the relevant portions of the communication stream and because the rule based management server gives the administrator granular control over what the system looks for and how it reacts when specific traffic is identified, these features further improve the accuracy of the NetScreen-IDP by minimizes the number of false alarms.
