Intrusion Detection and Prevention Systems (IDS & IPS)

Inspecting network traffic to identify suspicious activity.

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) inspect network traffic to identify suspicious activity. They can operate as standalone products or be integrated into Next-Generation Firewalls. Although the technology is 20 years old, they still play a pivotal role as the eyes and ears of monitoring.

We undertake a wide range of services around IDS and IPS, from product selection and requirements capture through to false-positive reduction and tuning. We are happy to implement products and even to monitor them.

Services around IDS and IPS are some of our oldest offerings, and we have seen them evolve since the late 1990s. Our staff deployed the first Network IDS in use by the UK MOD 20 years ago and later installed Europe's largest IPS deployment, with well over 1,000 sensors.

Such is the breadth and depth of our knowledge on the subject that our staff are regularly flown around the world by vendors to speak at conferences, to help improve the products, and to define the product roadmaps.

Open Source IDS:

We are also extremely adept at deploying and configuring many of the open-source sensors, such as Snort, Suricata, and Zeek (Bro). We have spoken at conferences about how to configure several commercial IDS products to deploy Snort signatures and how to conduct advanced tuning on commercial IDS in order to turn on prevention without impacting service.

© Computer Network Defence Limited 2022