Attack monitoring and prevention systems (IPS & IDS)

Attacks against devices connected to the network are continuous. An IPS prevents the attack before the target service even becomes aware of it taking place.

IPS-systems monitor the network continuously, searching for hostile traffic, and thus ensure business-critical systems retain the capacity they need to operate. They also have a significant role in supporting information security situational awareness.

An IPS-system has the capability to prevent denial-of-service attacks that exploit software vulnerabilities, that are today responsible for a large portion of denial-of-service attacks. IPS-systems work well together with the filtering performed by operators in preventing network load increasing denial-of-service attacks.

A typical IPS-system implementation project is quick to carry out. In just a few days, the environment has been planned, the product implemented and the necessary documentation created. As is the case with other security products, mere implementation is not enough, because the system’s effectiveness  needs to be maintained and developed as the threat landscape evolves. In addition, it is important that the system reacts correctly to the detected anomalies.

External IDS-requirements
  • Katakri, level 3 and higher

IDS, Intrusion Detection System warns of hostile traffic. It is often connected to a switch’s SPAN-port.

IPS, Intrusion Prevention System both warns of hostile traffic and prevents its advance. 

Business Continuity & Risk Management

Tools for operational risk and overall risk management.
Read more

Information network assessment

Know your network and its security level
Read more