Network Security, Intrusion Detection, Managed Services, Remote Backup, Proactive IT. Bennett Office Technologies

Network Design Converged Voice & Data Thin Client Solutions Computers Support

Data Protection Proactive IT Managed Services Remote Backup Intrusion Detection & Prevention Security Assessment

Telephone Services Converged Voice & Data Video Conference

Document Storage Print Snapshot

Computer & Networks Telephone Copier & Printer

Intrusion Detection

Intrusion detection is able to work hand in hand with firewall security. A firewall protects your network by blocking traffic based on a protocol or port. However, intrusion detection is able to view contents of a "package" where firewall is restricted from. Intrusion detection is able to scan the information to determine if it is safe to enter your network.

What can IDS Catch that a Firewall Can't?

Firewalls are a great first line of defense, but alone they do not make for a secure network. They act as a barrier between your corporate (internal) network and the outside world (Internet), and filter incoming traffic (through open ports) according to a security policy.

1. Not all access to the Internet occurs through the firewall. Users sometimes set up unauthorized modem connections between their systems and the Internet.

2. Not all threat originates outside the firewall. A vast majority of loss is due to security incidents is traced to insiders.

3. Firewalls are subject to attack themselves. Attacks and strategies for circumventing firewalls have been widely publicized since firewalls were first introduced.

Most loss due to computer security incidents is still due to insider abuse. Intrusion detection systems, not firewalls, are capable of detecting the category of security violation. IDS is the only part of the infrastructure that is privy to the traffic on the internal network.

Intrusion detection systems perform a variety of functions:

Monitoring and analysis of user and system activity
Auditing of system configurations and vulnerabilities
Assess the integrity of critical system data files.
Recognition of activity patterns reflecting known attacks
Statistical analysis for abnormal activity patterns.
Operational-system audit-trail management, with recognition of user activity reflecting policy violations.

IDS Provides Added Assurance

Even if you have a great existing security infrastructure, you still need the added assurance IDS can provide. No matter how well designed the security products may be, they are still subject to failure, due to hardware or software anomalies or user problems.

Intrusion detection systems, because they are capable of monitoring messages from the other pieces of the security infrastructure are able to detect when failure occurs. In some cases, they can tell you what happens until someone can restore them to service.

Benefits of IDS

Improve integrity of other parts of the information security infrastructure
Improved system monitoring.
Spotting errors of system configuration.
Recognizing specific types of attack and alerting appropriate staff.
Keeping system management personnel up to date on recent corrections to programs.
Allowing non-expert staff to contribute to system security
Providing guidelines in establishing information-security policies.