Firewalls | VPNs | Content Security | Authentication and Authorisation | Intrusion Detection and Prevention | Application Optimisation | Wired and Wireless Networking
Intrusion Detection and Prevention
Managing Security is a challenge for every organisation. There are so many avenues of attack and types of IT systems in use, it makes it very difficult to keep on top of the security problem. One of the key aspects of security management is visibility. If you can't see what's happening then it's very difficult to understand when your systems may be under attack, or when a security breach has in fact occurred.
Intrusion Detection is the act of monitoring systems and networks to help identify possible security breaches; security breaches may be attacks from outside your organisation, or system misuse from within the organisation (e.g. a regular employee trying to access the payroll system)
Intrusion Prevention relies on Intrusion Detection, but takes things a step further with a pre-emptive approach to security. Suspicious connections can be immediately be blocked, or users seen to misuse a system can be actively logged off and prevented from further access.
Broadly speaking, the techniques for IDS/IPS fall into two categories;
- Knowledge (or signature) Based systems
- Behavioural (or anomaly) Based systems
Many solutions combine elements of both techniques to give a more holistic approach to the IDS/IDP problem.
IDS/IDP systems definitely have a role to play in the protection of your organisation's most critical digital assets (such as back-end databases, Internet-facing customer portals or even the network itself).
At Network Surety we have the experience to help you select the appropriate IDS/IDP solution to meet your requirements, be it application level or network level, host-based or network-based, in-line or passive. Contact us today to find out more.