TP-Link Community > Knowledge Base > HomeShield Feature Overview - Web Protection, Intrusion Prevention, IoT Protection

HomeShield Feature Overview - Web Protection, Intrusion Prevention, IoT Protection

Released On: 2 weeks agoLast update time: 2 weeks ago

HomeShield: Web Protection + Intrusion and IoT Protection

We regularly receive questions about how the three key protections in HomeShield work to safeguard your network and devices. Below is a quick summary of what the Web Protection, Intrusion Prevention, and IoT Protection Features do for your network.

With each of the following protections, you will be presented with a similar-looking alert or notification. You will be shown the Device Name, IP and MAC Address, the Time of the Event, and the Type of Attack/Action Taken.

Don’t forget that you can select individual devices to opt out of the protection. For example, if you know the device will frequently trigger some of the protections, such as by scanning open ports.

 

 

 

Web Protection – Blocks Websites with Malware, Phishing Attempts or Known Spam Sites

  • This feature allows the HomeShield service to classify whether a website is safe by checking against known bad-actor sites (If a site is not known, it will be allowed).
  • This protection will help you to avoid dangerous links and prevent your personal information from being accidentally disclosed. You will see a notification in the Deco App whenever a site triggers this feature.

 

How To Use Real-Time Protection on a TP-Link Router or Deco

 

 

Intrusion Prevention – Prevents and Protects Your Network and Devices From Attacks

Most Intrusions occur as a result of a program or person identifying the overall security of your home network by scanning open ports, services, or existing traffic. These are considered brute force attacks as they are trying to force themselves into your network by checking your network properties repeatedly. You may see notifications for the following cases:

  • Port Scanning Attempts
    • You will be alerted to any devices or services that are scanning your network for open ports. This may also be triggered when using a new service or device that is looking for an open port to communicate with.
    • Alerts will be Generated with No Rules Created
  • Notice of Outgoing Attack [Through Router to Device]
    • This feature checks for any suspicious traffic that could indicate a device on your network is either a victim of or involved in a brute-force attack.
    • Blocking Rule Will Be Created – Can Be Removed By Disabling Intrusion Prevention or Rebooting your Network
  • Notice of Incoming Attack [on Router from Device]
    • This feature will notify you of any devices on your network that may be victims of or initiate a brute force attack by analyzing the traffic a device is sending to the router and network.
    • Blocking Rule Will Be Created – Can Be Removed By Disabling Intrusion Prevention or Rebooting your Network

 

 

IoT Protection – Identify and Alert for Common Methods of Spreading IoT malware via IoT Devices

  • If your IoT Protection is triggered, you will often see the prompt that you were defended against a DDOS Attack by checking for unusual or excessive traffic on a device.

 

Learn More about the Features of HomeShield on our Official Spotlight

 

 

If you have any questions or feedback on what features are supported or should be made available, feel free to leave a comment below. While there are many changes coming to our HomeShield offerings, we would still like to hear what you would expect from the service and what you would like to change.

0
Comment
upload
    upload
      About Us
      Press
      Copyright © TP-Link USA Corporation. All rights reserved.