Intrusion Detection

Intrusion detection involves monitoring the events occurring in a computer system or network and analysing them for signs of possible incidents. Intrusion prevention is the process of performing intrusion detection and attempting to stop detected possible incidents. Intrusion detection and prevention systems are focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators.


Four Types of Intrusion Detection and Prevention Technologies

Network-Based: This monitors network traffic for particular network segments or devices and analyzes the network and application protocol activity to identify suspicious activity. It is most commonly deployed at a boundary between networks, such as in proximity to border firewalls or routers, virtual private network (VPN) servers, remote access servers, and wireless networks.

Wireless: This monitors wireless network traffic and analyzes its wireless networking protocols to identify suspicious activity involving the protocols themselves. It is most commonly deployed within range of an organization’s wireless network to monitor it, but can also be deployed to locations where unauthorized wireless networking could be occurring.

Network Behavior Analysis: This examines network traffic to identify threats that generate unusual traffic flows, such as distributed denial of service (DDoS) attacks, certain forms of malware (e.g., worms, backdoors), and policy violations (e.g., a client system providing network services to other systems).

Host-Based: This monitors the characteristics of a single host and the events occurring within that host for suspicious activity. Examples of the types of characteristics a host-based IDPS might monitor are network traffic (only for that host), system logs, running processes, application activity, file access and modification, and system and application configuration changes.
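
To make the Network Behavior Analysis description concrete, the following added example (not code from this page or from any product) runs three flow-level checks over constructed flow records: a client system serving other systems, worm-like fan-out, and flood-like fan-in. The record layout, address ranges, thresholds and baseline values are all assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed flow records (initiator, responder, responder_port); not real traffic.
FLOWS = (
    [(f"10.1.0.{i}", "192.0.2.10", 443) for i in range(1, 6)]          # normal client use
    + [(f"10.1.0.{i}", "10.1.0.77", 445) for i in range(1, 5)]         # workstation serving peers
    + [("10.1.0.9", f"10.1.{i // 50}.{100 + i % 50}", 445) for i in range(60)]  # worm-like fan-out
    + [(f"198.51.100.{i}", "192.0.2.10", 80) for i in range(1, 201)]   # flood-like fan-in
)
CLIENT_NET = ipaddress.ip_network("10.1.0.0/16")   # assumed client address range
BASELINE_SOURCES = {"192.0.2.10": 20}              # assumed usual distinct sources per window


def clients_acting_as_servers(flows, client_net, min_peers=3):
    """Client-range hosts that answer connections from several distinct peers."""
    peers = defaultdict(set)
    for src, dst, port in flows:
        if ipaddress.ip_address(dst) in client_net:
            peers[(dst, port)].add(src)
    return sorted(key for key, srcs in peers.items() if len(srcs) >= min_peers)


def fan_out_sources(flows, max_targets=50):
    """Hosts contacting an unusual number of distinct targets on one port."""
    targets = defaultdict(set)
    for src, dst, port in flows:
        targets[(src, port)].add(dst)
    return sorted(key for key, dsts in targets.items() if len(dsts) > max_targets)


def fan_in_targets(flows, baseline, factor=5, default=10):
    """Hosts whose distinct-source count exceeds factor x their baseline."""
    sources = defaultdict(set)
    for src, dst, _port in flows:
        sources[dst].add(src)
    return {dst: len(srcs) for dst, srcs in sources.items()
            if len(srcs) > factor * baseline.get(dst, default)}


if __name__ == "__main__":
    print("policy violation:", clients_acting_as_servers(FLOWS, CLIENT_NET))
    print("fan-out:", fan_out_sources(FLOWS))
    print("fan-in:", fan_in_targets(FLOWS, BASELINE_SOURCES))
```

The ordinary client traffic to the web server on port 443 triggers none of the checks; only deviations from the expected flow pattern are reported.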

Managed Intrusion Prevention System for Any Environment

Our managed intrusion detection system for your network enables you to inspect traffic between devices, not just at the edge. You can also correlate events into a single console for complete network visibility. Here is what a truly managed Intrusion Prevention System can do for your business.

Security updates with current signatures that protect against the latest threats

Tuning and Management

Includes all hardware, management, and maintenance

24x7 Threat Monitoring & Response

Immediate coordinated protection against detected attacks

Security Event Correlation of IDS or IPS with all other security data

Next Generation Intrusion Prevention Systems

Next generation intrusion prevention systems give better protection for modern organizational networks and devices. Their added functionality includes the following key components.

Network Awareness through knowledge of the devices that exist on the network.

Application Awareness to pick out and highlight the applications that are being run on the network and the users that are running them.

Identity Awareness to gather identity information for the devices and applications that are attached to the network and for the traffic that is being transmitted.

Behavior Awareness to establish and monitor the baseline behavior of network devices.

Real Time Automated Response to respond to events as they occur and react with the appropriate response based on policy.

Automatic IPS Tuning provides the ability for a platform to dynamically tune itself based on the information gathered.

