|
NASK provides end to end telecommunications and data security solutions. As part of our portfolio, we offer IDS and IPS systems.
NASK IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) implementation and maintenance services are dedicated solutions that help to enhance security levels by tightening the control of communications between networks with different trust statuses, and by implementing warning and blocking mechanisms that protect customers against attacks, viruses and any hybrid threats to their networks and telecommunications systems.
An efficient IDS/IPS system should be based on a solution that is tailored to the company's specific needs and has the right functionality. Its price should be based on calculations of the risk of compromising information systems. A security expert, NASK offers its customers an approach to security that takes into account the above criteria. The solutions we offer are state-of-the-art, end-to-end and cost-effective.
IDS and IPS are solutions that enhance network security. They should be implemented as an information infrastructure security level that immediately follows the firewall. An IDS is a threat and security incident monitoring and notification solution. An IPS takes additional measures to prevent attacks or minimise their impact, or actively respond to a security breach. An IPS is a highly advanced and the most efficient IT security system that is gaining increasing acceptance among administrators. An IPS uses multi level analysis and security mechanisms, e.g.: protocol analyses, network traffic anomaly detection and event correlation. It also supports custom rules based on attack pattern comparisons.
An IDS usually works as a sniffer that detects security breach attempts and informs the firewall about the location (IP address) where the attack originates. Consequently, the firewall usually blocks the specified address. An IDS responds more flexibly: after an attack is detected, the system only blocks packets that are involved in the attack.
NASK offers solutions with different complexity levels and architecture. Our IDS/IPS systems employ different approaches to security:
- pattern based (the system works like anti virus software: the manufacturer publishes and updates a database of typical attack patterns. If an event that matches a pattern occurs, the system raises an alarm);
- reacting to anomalies in the monitored traffic within the protected infrastructure (an installed system is tuned, i.e. trained in the typical behavioural patterns in the protected system, and then it begins to detect variations),
- systems that combine the two approaches.
They can also be tailored to our customers' needs. Our solutions:
- monitor specific machines (host based),
- monitor network segments (network based),
- combine both approaches (hybrid systems).
NASK offers solutions with different complexity levels, based on the portfolios of leading IDS and IPS manufacturers: Juniper, ISS, Check Point and Cisco. For example:
I. NetScreen Intrusion Detection and Prevention
II. ISS RealSecure Protection System
III. Proventia
IV. Check Point InterSpect
V. Cisco Network IDS
Our offering includes:
- pre-deployment consulting,
- software selection and delivery,
- hardware platform selection and delivery,
- licence management,
- technical support,
- deployment (including the implementation of a system security policy, installation and configuration of the systems),
- integration with the customer's existing systems.
In addition, we provide:
- administrative training,
- system management.
IDS/IPS solutions provide key security functions in enterprises, for example:
- unwanted event detection and warning,
- blocking attacks,
- signature verification,
- detecting attacks by monitoring network traffic for non compliance (e.g. packet content that does not comply with RFC, or anomalies and irregularities in the use of protocols),
- automatic updates of attack and threat pattern databases,
- filtering relevant information from a multitude of logged events,
- support for antivirus scanners and firewalls,
- network and system vulnerability assessment.
An IDS/IPS system in an enterprise provides the following measurable benefits:
- protection against external attacks,
- a higher security level,
- a shorter time of response to security breach attempts,
- risk manageability,
- minimised business risk,
- consistent security management,
- resource orientation: the ability to focus on mission critical systems.
Protecting all elements of an IT system (from computer systems and applications to users) is of key importance to business processes in any company. Only a comprehensive and consistent security system—with no vulnerabilities and oversights—can efficiently protect your organisation's confidential data, databases and mission critical information.
The security of the network and its resources is essential in ensuring a good cooperation with partners and customers, especially when they need access to the company's key applications and data. NASK recommends that all large and medium sized companies that use Web technologies to communicate with customers and suppliers, sell products and establish new business contacts should implement an IDS/IPS system.
|
