Intrusion Detection Probes (IDPS)
DefenseDetect irregular behavior within your network.
Contact us
+41 (22) 552 3838
The challenge
Are you a 100% sure that no equipment from your company network is infected with malware?
Despite the use of an antivirus, many malware/worms can remain silent until the consequences are visible (Data encryption, information leaks).
How does it work ?
An ‘Intrusion Detection System’ or IDS allows you to detect within your network all suspicious behaviors and to generate reports or alerts.
The latter enables you to react at the first sign of infection and to take the necessary measures to contain it. Signatures are updated regularly in the same way an antivirus would operate, in order to take into account new threats. It is paired with a SIEM, which is an essential element to secure any information system in an appropriate manner.
Our approach
As a first step, we determine with you the perimeter of the project and the architecture of the network.
This first step will then influence the type of equipment to be used (number of probes, bandwidth, and type of interfaces). Together, we will establish specifications for the types of signatures to be activated: suspicious behaviors, detection of malware/viruses, passive vulnerability scans, operation and bypassing of internal policies. Probes are then installed, implemented, configured by our teams and a periodic review of the results is carried out by our experts. If alerts are brought back to a SIEM, the analysis will be performed in real time.
Our offer
We will support you while defining the perimeter in order to determine the most critical elements, carry out the configuration and installation of probes and finally conduct the analysis of results which include recommendations to solve the problems identified.
It is also possible to install a probe for a limited trial period in order to get an overview of your network.
