Sax2 IDS

Sax2 IDS

Sax2 IDS

Prevent hacker & virus attacks, Securing your network & business !

Sax2 IDS is an intrusion detection system used to monitor abnormal or malicious activities in computer networks or systems, in order to detect and respond to security threats in a timely manner. Sax2 IDS can detect many different types of attacks, including network scanning, malware, denial-of-service attacks, and more.

How Tos
System Requirements
How Tos
System Requirements

   Sax2 IDS is a professional intrusion detection and prevention system (IPS) used to detect intrusion and attacks, analyze and manage your network which excels at real-time packet capture, 24/7 network monitor, advanced protocol analysis and automatic expert detection.

With insight into all operations in your network, Sax2 IDS makes it easy to isolate and solve your network  security problems – detect network vulnerabilities, identify network security threats,  catch actions against of security Policy and signs of been attacked. Finally, intercept and stop these connections.

Sax2 IDS offers many kinds of intrusion analysis reports, such as events, type, source address and destination address of attacks, and many crossover reports and compositive reports. Furthermore, Sax2 IDS allows for customized time ranges. which administrator will flexible monitor and evaluate the network security.

Sax2 IDS enhanced detection, analysis, response and management features, supports almost all commonly used protocols., self-contained and high speed update event database. It will compose an active detection as the core of dynamic Security Defense System with other network security software, such as Firewall and anti-virus.

Key Features

Intrusion Detection and Prevention

Detects variety of complex attacks in your network, including pre-attack detection, password guessing, denial of service attacks (DoS/DDoS), buffer overflow attacks, CGI/WWW attacks, windows vulnerabilities attacks, Unix vulnerabilities attacks, unauthorized access, SQL inject attacks, worms, backdoor Trojans, ARP spoof, and so on. And then, Sax2 IDS will proactively stop the dangerous behavior to prevent your whole network.

Real-Time Alert and Response

Multiple response modes – send console message, logs, e-mail inform, real-time cut off the connection, flexible logs.

Stable performance

Sax2 IDS works in 7/24/365 with stable performance.

Real-time monitor analyze and alarm

Besides monitoring network communication in real-time, Sax2 IDS also offers analyze and alarm in real time to protect your network security.

Huge data storage

Sax2 IDS supports many databases, such as SQL Server, Access and so on, which let user to store the huge data flexibly.

Plenty reports

With the plenty reports, administrator will easily to monitor attacks and evaluate network security with Sax2 IDS.

Customize Security Policy

According to your own network, IT professionals may customize the security policy to improve the accuracy of intrusion detection.

 Network Based

Sax2 IDS is a network-based IDS. It collects, filters, and analyzes traffic that passes through a specific network location. A single Sax2 IDS monitor, strategically placed at a key network junction, can be used to monitor all incoming and outgoing traffic for the entire site. Sax2 IDS does not use or require installation of client software on each individual, networked computer.

Other Features

Name Table

The name table  allows you to make or edit alias for addresses, ports and protocols, you may also specify the text color for a selected item.This useful feature can make packet-related information more familiar and intelligible.

support multi-adapters

  If you have more than one adapters installed on the local machine, Sax2 IDS can capture the traffic on all the adapters.

In-depth Packet Decoding

        Provides packet decoding information in detail.

Conversation & Packet Stream

        Monitor all conversations and reconstruct packet stream.

Logs of Events

Records the actions and sensitive events in the whole network., including the WEB browse, Email transmission, FTP transfers and instant message – MSN to help network administrators identify potential threats.

Who Needs the Sax2 IDS?

Want to monitor and prevent hacker attacks, Protect network & business from internal threats!
Wanted to log the websites that your users were visiting.
Needed to monitor corporate communications, both in email messages and on instant messaging platforms.
Wanted a network monitoring solution that did not require client installation at individual workstations.

Concise Interface

The main interface of Sax2 consists of a labeled window and two floating windows, allowing users to switch easily between different windows. Each window has a Vista-style design that is concise and modern.


The visual Dashboard provides a comprehensive view of the attacks on your network, including the level, amount, and distribution of risk, as well as trends in attacks and network traffic. It also displays the Top 10 internal and external attacks.

 Log Analysis

Sax2 offers enhanced powerful and user-friendly log analysis. Administrators can use the log analysis to view detailed information on network attacks.

Event View

The main function of the Invasion view is to focus on invasion checking. The view consists of two parts, the Invasion event pane and the Invasion log pane. The Invasion event pane provides statistics on the current network’s invasion classification, and the Invasion log pane shows part of the invasion log. When you choose a different entry in the Statistics Pane, it displays the incident related to the invasion and shows all invasions by default.

Conversation View

The conversation view is a significant feature of Sax2, composed of two sections. The top section displays the current network communication or the end of the communication, including IP, TCP, UDP, and ICMP. By reviewing each conversation, we can determine the source and destination address, data packet count, size, and other relevant information. With this data, we can identify the current state of a conversation.
The bottom section consists of the intrusion log and data stream table window. When selecting a conversation from the conversations list, it displays the corresponding intrusion incidents by default. This feature allows us to view all the invasions related to a specific conversation.

Knowledge Base Management

Sax2 provides more than 1,500 of the security policies by default, Also, according to their own needs we can customize any security Policy, targeting intrusion detection system which is the most suitable for their own.

Software Systems

  • Windows Server 2012/2012 R2/2016/2019 (64-bit)
  • Windows 7 SP1 (KB3033929) (64-bit)
  • Windows 8.1 (64-bit)
  • Windows 10 (64-bit)
  • Windows 11 (64-bit)
Relied Browser:
  • Internet Explorer 8.0 or higher

Hardware Requirements

Minimum Requirements:
  • CPU: P4 2.8GHz
  • RAM: 4GB
  • Internet Explorer 8.0
Recommended System:
  • CPU: Intel Core Duo 3.2GHz
  • RAM: 8GB or more
  • Internet Explorer 8.0 or higher


  • You are required to have the “Administrator” level privileges on supported operating system in order to load and unload device drivers, or to select a network adapter for using the program to capture packets.