|
Enterprise-class intrusion detection monitoring, management, and incident response offers front-line defense for attacks such as denial of service (DoS). VeriCenter delivers real-time security that proactively monitors and identifies hacking and other suspicious activities, 24x7, extending the protection of your firewall. Our intrusion detection service provides alerts when someone tries to breach your system and, just as important, it addresses attempted threats and blocks them as they become known.
Network-Based
Network-based intrusion detection starts at the network perimeter and moves inward, checking for traffic patterns that indicate a possible security threat. There is inherent ambiguity with any intrusion detection service, since it is unknown whether a pattern is an actual threat or simply resembles a threat. The key to success with any intrusion detection system is experienced security professionals who discard obvious false positives and focus on alerts that represent the greatest likelihood of being a true threat.
Once a threat is detected and validated, our security professionals employ remediation to end the threat. VeriCenter's Security Incident Response is modeled on Carnegie Mellon's Computer Security Incident Response Team (CSIRT) guidelines.
Host-Based
Host-based and network-based intrusion detection work together to provide a comprehensive intrusion detection service. Where network intrusion detection focuses on all traffic, host-based intrusion detection is concerned with traffic on a specific server or host. The concept is the same in that traffic is monitored and alerts are generated whenever a potential threat is observed.
Intrusion detection is concerned with identifying possible threats before they become actual threats. Too often, unseasoned security staff members are overwhelmed by the number of alerts triggered and let their guard down, opening the door for a malicious threat.
|
