Intrusion Detection is the early warning that your site is under
attack; it also logs the details for use in tracking down the
perpetrator. Intrusion Detection Systems (IDS) are either
network-based (NIDS), which passively watch traffic as it
traverses your network, or host-based (HIDS), which monitor
traffic arriving at individual hosts as well as their logfiles.

NIDS and HIDS complement proactive security elements such as
firewalls, host hardening, and anti-virus software, and
there's even an emerging breed of Intrusion Prevention Systems
which control the behavior of applications on workstations and
servers.

While IDS software is fairly simple to get up and running,
installation is only the tip of the iceberg. For an IDS to be
effective, the placement of sensors is critical: how many and
where should
they be placed to ensure adequate coverage but avoid redundant
or excessive alerts and white noise? What signatures should be
enabled for your environment and what custom signatures need
to be created? How should alerts and reports be configured to
avoid losing important data in a sea of false positives or
throwing out the proverbial baby with the bath water? A full
80% of IDS deployment is planning and tuning.

At NOIT Group, our technicians keep up-to-date on current security
vulnerabilities and zero-day exploits. Our core proficiency is
in all practical facets of IP networking, including
architecture design, network performance monitoring and
tuning, and identification of infrastructure security and
resiliency weaknesses. We leverage this expertise with IDS
implementation and integration with the rest of your security
architecture to bring you assured vigilance. In planning we'll
even advise you whether you should manage your IDS
infrastructure in-house and when to outsource to a Security
Service Provider (SSP).