Intrusion Detection & Prevention


Businesses that want to protect their networks from external attacks have a number of powerful tools at their disposal. Firewalls, for example, do a very good job of filtering and, in many cases, analyzing data packets to ensure that potentially destructive data is caught before it can do any harm.

But most companies that are really serious about keeping troublemakers off of their networks also employ a technology that is specifically designed to target the presence of potential attackers: IDPS (Intrusion Detection and Prevention Systems).

IDPS technology, which is designed to work in conjunction with a firewall (a network's first line of defense), comes in two basic forms:

  • IDS (Intrusion Detection System): An IDS analyzes incoming data traffic for suspicious types of activity. If it detects something peculiar, the IDS alerts the network administrator, who can then move to halt whatever event is taking place. In some cases an IDS can also kick off automatic events in other systems on the network to protect it.
  • IPS (Intrusion Prevention System): An IPS is similar to an IDS, except that the product is designed to take immediate action — such as blocking a specific IP address or user — rather than simply issuing an alert. Some IPS products also use behavioral analysis to spot and stop potentially dangerous data. An IPS is often described as a "reactive" system, as opposed to an IDS, which is typically considered to be "passive."

Both IDS and IPS products come in various configurations, each designed to address a particular intrusion-protection need. Here are some of the leading types of products currently available:

  • Network Intrusion Detection and Prevention: This is the most common use of IDPS technology, designed to provide network-wide protection. While it would be ideal on a very large network to insert a single IDS or IPS at the gateway in order to scan all traffic, such a design approach raises the possibility of creating a bottleneck that would degrade overall network performance. Therefore, in order to efficiently monitor traffic to and from all network devices, it's not uncommon to place IDPS systems at various strategic points within the network.
  • Host Intrusion Detection and Prevention: Businesses add these systems to individual critical hosts or devices residing on the network. This type of IDPS monitors both inbound and outbound packets, but only those passing through the device with which it is associated.
  • Signature-Based Intrusion and Prevention: This type of IDPS is useful for detecting viruses and other types of malware. The product compares all of the packets that flow through it with a database of known threats. Like anti-malware offerings, a signature-based IDPS is only as good as the information it uses, meaning that the technology is vulnerable to "zero day" security events. On the other hand, a signature-based IDPS is a very reliable way of defending a network against known threats, which constitute the majority of network perils.
  • Anomaly-Based Intrusion and Prevention: One could describe this kind of IDPS as being naturally suspicious. That's because an anomaly-based IDPS is always looking for something out of the ordinary. The system continuously scrutinizes network traffic and compares it against an established baseline. Any detected deviations from "normal" performance in terms of bandwidth use, ports accessed or devices connected will cause the IDPS to issue an alert and take proactive steps to ensure the network's health. This type of IDPS can be particularly effective in helping businesses cope with DDoS (distributed denial of service) attacks, in which large numbers of computers are recruited to join together and bring down a Web site.
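
The following is an added example, not part of the original article, that contrasts the two detection styles just described: a payload lookup against a signature database, and a learned baseline of bandwidth, ports and devices. The flow records, the signature pattern and the 3-sigma threshold are all constructed assumptions for illustration.

```python
from statistics import mean, pstdev

# Constructed signature database: a byte pattern standing in for a known threat.
SIGNATURES = {"SIG-0001 (constructed)": b"KNOWN-BAD-MARKER-A"}

def flow(src, dport, nbytes, payload=b""):
    """Build one simplified flow record (hypothetical format)."""
    return {"src": src, "dport": dport, "bytes": nbytes, "payload": payload}

def signature_alerts(f):
    """Signature-based: names of known patterns found in the payload."""
    return [name for name, pat in SIGNATURES.items() if pat in f["payload"]]

def build_baseline(flows):
    """Anomaly-based: learn 'normal' bandwidth, ports and devices."""
    sizes = [f["bytes"] for f in flows]
    return {"mean": mean(sizes), "std": pstdev(sizes),
            "ports": {f["dport"] for f in flows},
            "devices": {f["src"] for f in flows}}

def anomaly_alerts(f, base, k=3.0):
    """List the ways a flow deviates from the baseline (k-sigma is an assumption)."""
    alerts = []
    if f["bytes"] > base["mean"] + k * base["std"]:
        alerts.append("bandwidth")
    if f["dport"] not in base["ports"]:
        alerts.append("port")
    if f["src"] not in base["devices"]:
        alerts.append("device")
    return alerts

# Constructed training window of normal traffic.
TRAINING = ([flow("10.0.0.5", 443, n) for n in (900, 1000, 1100, 950, 1050)]
            + [flow("10.0.0.6", 80, n) for n in (800, 1000, 1200)])
BASELINE = build_baseline(TRAINING)

# Constructed test traffic.
KNOWN = flow("10.0.0.5", 443, 1000, b"..KNOWN-BAD-MARKER-A..")  # in the database
NOVEL = flow("10.0.0.99", 50123, 250000, b"unseen bytes")       # no signature yet
NORMAL = flow("10.0.0.6", 80, 1020, b"GET / HTTP/1.1")

def classify(f):
    """Run both detectors on one flow."""
    return {"signature": signature_alerts(f),
            "anomaly": anomaly_alerts(f, BASELINE)}

if __name__ == "__main__":
    for name, f in (("known", KNOWN), ("novel", NOVEL), ("normal", NORMAL)):
        print(name, classify(f))
```

In this constructed data the signature detector is silent on the novel flow, while the anomaly detector is silent on the known threat because its size, port and source all match the baseline, which is why the two approaches are deployed together.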

IDPS Vendors

Vendors offer IDPS solutions with a variety of different capabilities, allowing businesses to find the product that most closely matches their requirements. Major IDPS vendors include:

Businesses can also take advantage of various free IDPS offerings, including:
