IDS / IPS

An intrusion detection system (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Intrusion detection is not a monitoring process. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDS/IPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDS/IPSs for other purposes, such as identifying problems with security policies, documenting existing threats, and deterring individuals from violating security policies. IDS/IPSs have become a necessary addition to the security infrastructure of nearly every organization.

IDS/IPSs typically record information related to observed events, notify security administrators of important observed events, and produce reports.Many IDPSs can also respond to a detected threat by attempting to prevent it from succeeding.They use several response techniques, which involve the IDS/IPS stopping the attack itself, changing the security environment (e.g., reconfiguring a firewall), or changing the attack’s content.

Accumuli Security can offer IDS/IPS solutions from Cisco and Sourcefire.

Sourcefire 3D System

The award-winning Sourcefire 3D® System is complemented by industry-leading technologies.

Cisco Adaptive Security Appliances

Cisco adaptive security appliances integrate industry-leading firewalls, VPN technology, intrusion prevention, content security, and unified communications security, in a unified platform.