Suite 27, Liberty House, The Enterprise Centre, Greenham Business Park

Intrusion detection & prevention


Monitoring your network, protecting your business

Comprehensive network and endpoint security is a key part of an organisation’s response to cyber threats. Perimeter firewalls and Identity Access Management tools can restrict and control access to the organisation’s network, but how do you detect and stop an intruder who has managed to breach your security and is now loose on your network, before they can cause damage or start to extract data?

An Intrusion Detection System (IDS) monitors the network for malicious activity or policy violations. Any detected activity or violation is then either reported to an administrator or collected centrally using a Security Information and Event Management (SIEM) system. A SIEM system can combine outputs from a number of sources and can use alarm filtering techniques to distinguish malicious activity from false alarms. An Intrusion Prevention System (IPS) can then be used to stop the malicious activity.

Major firewall vendors are building some intrusion detection and prevention features into their products. However, a dedicated IDS/IPS solution can detect and prevent a much broader range of malicious activities than those built into most firewalls.

We recommend two types of IDS/IPS:


Crowdstrike Falcon cloud-delivered endpoint protection platform: this software-only solution delivers and unifies IT hygiene, next-generation antivirus, endpoint detection and response (EDR), managed threat hunting and threat intelligence — all via a single lightweight agent. Crowdstrike Falcon is rated 5/5 by SC Magazine, who said “we know of no better tool available. We make this our Cloud-based recommended product.”



Cognito™ from Vectra uses artificial intelligence to deliver real-time attack visibility and put attack details at your fingertips to empower immediate action. It automates the hunt for cyber attackers, shows where they’re hiding and tells you what they’re doing. The highest-risk threats are instantly prioritized so security teams can respond faster to stop in-progress attacks and avert data loss – from cloud and data center workloads to user and IoT devices. By automating the manual, time-consuming analysis of security events, Cognito condenses days or weeks of work into minutes and reduces the threat investigation workload by up to 29x.

Contact us today for more information on Crowdstrike Falcon or Cognito™.