An Intrusion detection and prevention system is an advanced system that uses a rule driven language to perform deep packet inspection on all the traffic in your network. Protecting you against advanced attacks and attempts to infiltrate or bring down your network.

Why do I need it?

An IDS will pick up what a firewall cannot. A firewall lacks some degree of intelligence when it comes to recognizing and identifying advanced attack signatures that may be present in the traffic it is allowing to pass. The firewall acts as door that allows or denies access based on its configuration but does not perform any deep inspection on those packets. This is where an Intrusion Detection System takes over

How does it work?

The IDS can be placed at different positions in your network depending on its configuration and the size of your network. It will passively inspect all of the traffic in your network and perform deep inspection on those packets without slowing down the flow. In the event that it finds something it will take a predefined action depending on the severity of the attack signature. Predefined actions include: Blocking the traffic, sending a warning to the Administrator, and logging the traffic. The predefined actions ensure that false positives do not negatively affect the network and allow fine tuning of the allowed traffic.

Features

• Accurate and granular attack prevention
• Advanced detection engine
• Distributed Architecture
• Ongoing Security updates
• Graphical views of attacks
• Flexible response methods
• Few false positives