MANAGED SERVICES - SECURE ACCESS

Intrusion Detection/Prevention

 

SecureAccess Managed Intrusion Detection and Prevention Security Service (MIDPS) Features:

  • Significantly less expensive and includes many more features than any other commercial IDS!
Our SecureAccess MIDPS is non-intrusive to your network, can detect and block more than 2600 vulnerabilities and attack signatures, and is automatically updated as new vulnerabilities are discovered.
Other specific details of the MIDPS include:
  • We detect, alert on and block security threats including buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, backdoors, Trojans, operating system and application system vulnerabilities, DDoS clients, and many more.
  • Signatures are rapidly developed and deployed by our security analysts to ensure you are protected from the latest threats.
  • We record packets from the offending IP address in their human-readable form, in a hierarchical directory structure, and store this information on our encrypted security server for future analysis or prosecution.
  • Can be deployed in stealth mode as a "passive trap" to record and report on the presence of unauthorized traffic that should not be found on a network, such as NFS or Napster connections.
  • MIDPS detects incidents originating from inside and outside the network perimeter.
  • Anomalous Traffic Pattern Detection: If a host on your network exceeds average usage patterns, a security ticket will be created and the traffic will be investigated.
  • SecureAccess MIDPS is responsible for detecting anomalous, inappropriate, or other data that may be considered unauthorized on a network. A regular firewall is configured to allow or deny access to a particular service or host based on a set of rules. If the traffic matches an acceptable pattern, it is permitted regardless of what the packet contains. However, the SecureAccess MIDPS enables our Security Operations Center (SOC) to capture and inspect all traffic, regardless of whether it's permitted or not. Based on the contents, at either the IP or application level, an alert is generated.
SecureAccess Managed IDPS Reporting:

Through our secure customer web portal you can query and extract stored information from our database of incidents generated and correlated by our Alert System. The report will document traffic and alerts by:
  • Traffic Profile by Protocol shows the most common protocols that are directly associated with the alerts by percentage. It breaks down the different alerts and shows which protocols were utilized for the majority of alerts triggered from the network.
  • Most Frequent Alerts section of the report shows the most recurring signatures triggered by the Alert System. Any of these alerts could be either false positives (alerts that are suspicious, but that careful analysis by security specialists concludes were generated by valid customer traffic) or actual intrusions. The total number of alerts for each signature is displayed.
  • Most Frequent Source and Destination IP Addresses section displays the most recurring source IP addresses that have triggered alerts upon entering or leaving the network.
  • History of Blocked IPs shows all IPs that have been blocked from the network in the past. It displays the blocked IP, the classification of the block by the analyst, the signature and the timestamp of the block.
SecureAccess Managed Intrusion Detection and Prevention Service (MIDPS) Specifications:

  • The MIDPS should be an integral part of a comprehensive security posture. The Internet is constantly evolving, and new vulnerabilities and exploits are found at an increasing rate. MIDPS provides an additional level of protection to detect and prevent an intruder's probes of your security systems, help provide accountability for the attacker's actions, and most importantly provide the real-time response you need to minimize any potential damage to your network.
  • Corporate Bottom Line Improvement: No expensive probes or software maintenance to purchase. Allows your Network Administrators to focus on high value business projects and only deal with real security incidents. We are an inexpensive Operating Cost rather than an expensive Capital Expense!
  • Risk Mitigation Strategy: Ignoring the risk to your business does not make it go away. MIDPS is an effective method to reduce information security risks that exist even behind a firewall!
  • Tangible ROI Benefits: Better performance metrics, regulatory compliance, successful audits, consistent, repeatable incident handling, and improved security awareness.
  • We are certified security experts and we invest the time to keep current on the latest developments in intrusion detection and prevention research. We are an appropriate third party validation of your security. You should be focusing on your business, not on managing your IDS and firewall log files! That's our job!
  • You don't have the time to manage Intrusion Detection Systems: You can't stay up every night and work weekends to monitor logs and prevent unauthorized network activity.
  • Security Incident Participation: We can help respond with Security Expert and Forensic analysis tools, as well as update your Security Incident escalation procedures so they are designed specifically to address your business needs, information assets, and legal requirements.
SecureAccess Relationship Bonus Features:

  • Free MIDPS system and software system updates for the life of the service!
  • "SecureAccess Security Trends" subscription. Our e-newsletter provides your staff with concise information about current security trends, threats and vulnerabilities.
  • Access to our experienced, certified Security Analysts and Engineers.
  • Discounts on other security products, Internet Service, training and consulting services.
  • SecureAccess analysts and security engineers receive and review, on a daily basis, information from hundreds of sources to ensure we are constantly abreast of the latest security threats, thereby enabling us to understand and respond to your critical security issues.