The old song that goes, “I hear you knocking, but you can’t come in,” has a modern application when it comes to hackers wanting to get around your firewall. That application is intrusion detection services (IDS). You should probably consider going the cloud hosting route for that.
Your basic firewall looks outward for hacking and intrusion attempts. A firewall restricts or limits access between different networks, but a firewall cannot detect and warn against attacks coming from inside the network. An IDS, on the other hand, looks inward and uncovers attacks that either slipped through the firewall or originated inside the network.
According to PC Magazine, network IDS systems “typically use signatures of known cracker attempts to signal an alert. Others look for deviations of the normal routine as indications of an attack.” Similar to virus detection software on your PC, with IDS you can have too much analysis, which slows your system and triggers false alarms.
How IDS it works:
Misuse vs. anomaly detection. Like a regular virus detection program, IDS software uses a database of known intruders and their signatures. Anomaly detection compares some “normal” state (or baseline) in the network against some anomaly that appears in network segments or typical traffic load.
Passive vs. reactive. Passive IDS just signals an alert when it detects a breach. Active IDS goes a step further and logs the user off the network. It can also reprogram the firewall to block further intrusions from suspected malicious users.
Network-based vs. hosted. Network-based IDS detects malicious activity that the firewall did not catch by using basic filtering rules. Host-based IDS looks at the activity on each individual computer workstation.
Managed host-based intrusion protection on the cloud
Many businesses have outsourced their IDS efforts and have been able to manage their IT security effort at a lower cost. Typically, the IDS provider does all the monitoring of every server. They continuously monitor the system and look for suspicious activity, malware and unauthorized use. When alarms go off on the IDS the customer gets a call.
We can do that!
We know that often a firewall is not the optimum protection against those who are after your proprietary business and customer records. Contact us and we’ll help you set up a second and inner line of defense with our high-value and reasonably priced IDS.