Watch data flows and detect intruders while there's still time.
An intrusion detection system (IDS) detects malicious activity such as denial-of-service (DoS) attacks, port scans and attempts to break into computers by monitoring network traffic and comparing it against signatures of known malicious activity.
An IDS is an important part of network perimeter security. Without one, probing or attacks against your servers can go undetected unless the attack is so overwhelming that it results in a denial of service. The information an IDS collects can provide enough data to implement firewall changes or harden the OS on a particular server.
An IDS looks for patterns of known malicious traffic. Once traffic matches a signature, the IDS generates an alert. These alerts can uncover problems such as malware, scanning activity, attacks against servers and other malicious activity that could compromise confidential data and applications.
Expedient IDS delivers daily reports that contain actionable information.
The Outcome You're Looking For℠
Inspect network traffic to identify malicious packets.
- Service managed by Expedient
- Combines signatures, protocols and anomaly-based inspection
- Rules database updated automatically
- Reports delivered daily to named client contacts
- Complements dedicated firewall service
REPORT INSIGHTS
- Distribution of events by severity
- Distribution of attacks by hour
- Distribution of events by day
- Distribution of events by protocol
- Distribution of events by destination port