Intrusion Detection and Prevention

A firewall is not enough to protect your enterprise from the multitude of threats that exist. In addition to firewalls, most businesses need an Intrusion Detection System (IDS), which is able to detect

  • Inappropriate or malicious traffic, like remote attacks
  • Traffic that violates Internet protocols
  • Anomalous or unexpected activity, caused for example by network worms

which even a correctly configured stateful inspection firewall may well let through.

An IDS can be host-based or network-based, according to whether it operates on a host to detect malicious activity on that host, or on network data flows. Sometimes, a distinction is made between misuse and intrusion detection. The term intrusion is used to describe attacks from the outside, whereas misuse is used to describe an attack that originates from the internal network.

An IDS that is able to react to malicious traffic and prevent a possible attack is usually called an Intrusion Prevention System (IPS).

NTS' consultants have vast experience in configuring, deploying and managing Intrusion Detection and Prevention systems. We work together with our clients to determine whether a separate IDS/IPS system is necessary (some firewalls now incorporate ID technology) and to devise the best implementation strategy.