The KIS security practice has a number of cores. Intrusion Prevention and Detection is one of these cores.
KIS has partnered with some of the most capable companies to provide a very capable level of protection for our client’s networks.
Tools that we use for doing Penetration Tests can also be used to close most of the holes in a network to mitigate this threat.
However, businesses must have connectivity to the Internet and must (in many cases) have inbound traffic connect to internal systems. By implementing IP or ID into the environment, added security and alerting to possible threats can be achieved.
Intrusion Prevention (IP) can be either network (at the gateway Firewall and in-line with it) or host based. In either case, the product becomes a “proxy” and packet cop to verify that a packet coming into the network or system is actually what it says it is. In IP solutions, it is proactive and halts the packet before it finishes connecting to the target.
Intrusion Detection (ID) monitors a network or host and alerts when a threat is found. In most cases, the action to stop the threat is normally passive and the initial attack has already started. This normally can stop the full attack in time, but is less capable than the proactive IP solutions KIS supports. ID solutions are can be in-line or passive.
Manufacturers used by KIS to create solutions in this Practice Area:
- Internet Security Solutions (ISS)
- Secure Computing
- Increased protection of intellectual property
- Attack Mitigation in conjunction with PenTest results
- 0-day attack detection and prevention
- Intellectual Property protection in high risk clients
- Reduced threat of malware and spyware attacks
- Increased productivity due to the reduction of inbound threats
- Forensic evidence solution for post attack investigation