AhnLab CPP

Purpose-built Protection
for Hybrid Cloud

AhnLab CPP

Print this page

AhnLab CPP


An increasing number of businesses are migrating their workloads to cloud environments to accelerate digital transformation. However, cloud environments requires a new security platform for centralized visibility and management of cloud workloads.

AhnLab CPP is a single, centralized cloud workload protection platform that focuses on providing optimized protection, unified management, and flexibility for workloads in hybrid environments.

Optimized Protection for Hybrid ㆍMulti-cloud Environments

  • - Provides comprehensive visibility and easy management for workloads in on-premise and cloud server (AWS, Azure) environments
  • - Supports automatic identification for autoscaling cloud server workloads

Unified Operation and Management

  • - Delivers easy operation and management through a single, web-based management platform
  • - Supports quick and simple operations with Intrusion Prevention, Firewall, Application Control, Integrity Monitoring, and Anti-malware
  • - Provides integration with 3rd-party solutions via Open API
  • - Enables SIEM, ESM integration via syslog logging

Flexible and Cost-efficient

  • - Provides module-based CPP Management, which enables flexible configuration according to the business environment
  • - Saves cost by allowing selective installation and application of security solutions


Application Control

  • - Allows execution of trusted applications only
  • - Ensures system stability by providing various control modes
  • - Provides application access control feature for a critical file or folder


  • - Supports certified engine based malware detection
  • - Provides real-time malware scan on Windows and Linux server with minimal impact on resources and performance
  • - Supports manual and scheduled scan
  • - Detects and responds to the container malware


  • - Enables IP, Port , protocol-based network control
  • - Supports geo-IP blocking

Intrusion Prevention

  • - Detects and blocks network intrusion attacks based on certified signatures
  • - Supports user-defined signatures
  • - Provides signature recommendation considering a system environment
  • - Supports IPS and IDS
  • - Supports to detect port scan and host sweep
  • - Detects and responds to the network intrusion from or to containers

Integrity Monitoring

  • - Scanning a modification of critical file, folder, registry, process, service and etc.
  • - Supports manual and scheduled scanning as well as the real-time scanning (on some categories)