What an IDS does

• It analyses the packets transiting on the network and compares them with an attack signature database;
• It learns to recognize new attacks and adds new signatures recognized as attacks to the database;
• It checks the protocols used by the packets, so as to recognize any irregularities in the traffic;
• It detects the activity of port scans, "explorers" that precede an attack;
• It signals all possible threats identified by this control activity.

Advantages of an IDS Managed service

• A lower cost, there is no need to take on an expert full time;
• Specialization, experts selected and trained in the monitoring activity analyse the information generated by the IDS;
• Experience, their specialist activity enables analysts to observe many different situations, compare them and take advantage of any available synergistic functions;
• Constant monitoring, analysts focusing on preventative activities observe the information created by the IDS on a daily basis;
• Proactive and prompt response to hacking attempts.

Advantages of the Secure Network IDS Managed service

• Extremely high level competence in Intrusion Detection;
• Constant commitment to research and development in close collaboration with the international scientific community;
• At the forefront of innovation, invited as speakers on the future of IDS at the three most important conferences in the field of Security: the Amsterdam Black Hat, Vancouver CanSecWest and Las Vegas Black Hat conferences;
• Customized service tailored to each customer's needs;
• Full integration with the complete suite of Secure Network security services.

Technical characteristics

• Sensors based on Linux technology and with a SNORT® intrusion detection system, the most widely-used IDS in the world;
• Advanced "network intelligence" services for reducing false positives;
• Additional performance analysis, band monitoring and customized reporting services;
• Centralized collection of logs and constant monitoring of the sensors' operation;
• Access to the logs and 24x7x365 reporting on the customer side by means of a web-based interface.

Service characteristics

• Correlation and analysis of the data to eliminate false positives and identify any possible risks, also in collaboration with international testing organizations;
• Customized weekly reports, written by a Secure Network analyst, because only an expert's analysis can determine exactly what has happened on the network under examination;
• 24x7x365 assistance with security emergencies, including the possibility of escalation to on-site disaster recovery and incident response interventions;
• Optionally, predefined proactive responses to an information attack through the remote reconfiguration of the company firewalling systems;
• Constant updates of the sensors' operating principles and remote and on-site maintenance of the sensors' software and hardware.

SNORT® is a Sourcefire, Inc. registered mark.