Intrusion Detection and Prevention Systems

Services around IDS and IPS are some of our oldest offerings which we have seen evolve since the late 1990's. Our staff deployed the first Network IDS in use by the UK MOD 20 years ago and later installed Europe's largest IPS deployment with well over 1,000 sensors.

Such is the breadth and depth of our knowledge on the subject, that our staff are regularly flown around the World by the vendors, to speak at conferences and advise on how to help improve the products and define their product roadmaps.

Open Source IDS

We are also extremely adept at deploying and configuring many of the open source sensors such as Snort, Suricata and Bro and have spoken at conferences about how to configure several commercial IDS to deploy Snort signatures. We have also spoken about how to conduct advanced tuning on commercial IDS in order to turn on prevention without impacting service.

Cisco FirePower

Whilst we can deploy, configure and tune any of the commercial IDS and IPS, our preferred solution is the Cisco FirePower IDS and IPS, which we have followed since Marty Roesch first created Snort and the subsequent commercial SourceFire offering. 

Cisco then acquired Sourcefire and developed the product further and even embedded it onto the Cisco ASA Firewall which then became the FirePower Threat Defense (FTD).

We have some of the best FirePower consultants in the World and we often augment Cisco staff with our experts.

FirePOWER Services

Maximise the capability of your FirePOWER Intrusion  Prevention System with our 'Post Installation' and 'Managed Services' packages, developed by our consultants from their client site experiences.

Improve, Complement , or Replace

We are regularly approached by clients looking to build their defence in depth capability by maximising, complementing or replacing their existing products. FirePower, as a market leader, is a product many of our clients consider to enhance their ASA firewalls or, to replace an existing IPS. Our Consultants have provided numerous deployments on client sites and designed our 'Post Installation' and 'Managed Services' packages to meet the client requirements they commonly encounter.

We Sell FirePower, ASA with FirePower and FirePower Threat Defense (FTD)?

CND are a Cisco Select certified partner and can assist you with purchasing your FirePower product, for more details...

Already have FirePower and require post installation services?

Configuring and tuning your FirePower system is absolutely essential to get the best from it, you'll be amazed at the difference we can make.  More importantly we can do it remotely with you in the driving seat, learning how we do it! Choose from our three post installation packages, designed to get FirePower working for you as quickly as possible and maximise it's capability.


initial staging of device


configuration and analysis of device


turning on IPS mode

Already have FirePower and require a managed service for a large advanced deployment?

Choose from our three managed service packages, designed to give you the support you need for a large and advanced deployment and skill up your technical staff.

Phase One

onsite onboarding

Phase Two

false positive reduction, analysis, tuning and reporting

Phase Three

ongoing analysis, tuning, maintenance and reporting

© Computer Network Defence Limited 2019