Carrier-grade Intrusion Detection
Because we capture and analyse every single packet, our Intrusion Detection System is able to provide you with a comprehensive view of every threat and every alert on your network. This fact alone stands our Intrusion Detection System apart from the competition.
Our solution comes fully integrated with all the tools you need to not only identify every threats, but also isolate and resolve them quickly and efficiently - reducing your MTTR. That's why Telecommunications Providers, Government Agencies and Fortune 5000 enterprises use our Intrusion Detection System to help them monitor and protect some of the world's most sophisticated high-speed networks - right up to 40Gb/s.
Next Generation Intrusion Detection
Our Intrusion Detection System (IDS) is made up of Endace Probes, running your choice of open-source security engine (SNORT® or Suricata from the OISF). It integrates the Endace Security Manager dashboard for alert management and easy control of your Probes, as well as tightly integrated Endace Analytics for forensic threat investigation.
Our IDS not only folds three different systems (IDS, alerting and forensics) into a single platform, but it radically improves the accuracy, performance and reliability of your network security operations at the same time. Which is why we believe it is a true 'Next Generation Intrusion Detection System'
It offers:
- High density, highly cost effective purpose built Probes capable of monitoring any interface from 10Mb/s to 40Gb/s with 100% accuracy
- A comprehensive view of all network events on a single interface using our Endace Security Manager
- Real-time and post-event access to packet-level information on individual events
- Contextual interrogation of events (before, during and after) using Endace Analytics
- Deep packet level interrogation of events using fully integrated Wireshark
- The ability to easily manage and deploy IDS rule sets - be they custom, proprietary or Open Source
- Simple, single point command and control for all of the Probes across your entire network
- The fastest mean-time-to-resolution (MTTR) of any IDS system available today
Our IDS in action - reducing MTTR
A well-configured and tuned IDS system will provide you with highly accurate real-time notification of every network security issue. 100% packet capture improves accuracy (reducing the number of false positives and false negatives). Beyond accuracy and performance, the real test of an IDS is what you can do with alerts once they have been identified.
We believe that you should be able to investigate issues instantly and be able to uncover what's actually happening. This capability can only be provided by tight integration between your packet capture fabric your alerting dashboard and your analytics application. With the right tools and the right workflow it is possible to make significant improvements to your Mean Time To Resolution.
We provide the only truly-integrated suite of tools that combines IDS deployment, configuration and management with the tools to analyse and resolve alerts in real-time. To help you understand what this really means we've recorded three separate videos that use real life, everyday examples to demonstrate our IDS in action.
Network Security's Inconvenient Truth
Most of the IDS and IPS systems deployed today are subject to packet capture’s Inconvenient Truth which exposes organisations to unnecessary and excessive risk. On top of this:
- The number of threats to networks is constantly increasing making it a security arms race with hackers and malicious users
- The traditional network edge has eroded with the need to deliver immediate access to data and services deep within the network
- Securing and protecting data is becoming ever more critical. Privacy and compliance requirements add to the need to secure data
Our IDS solution is built on top of purpose built hardware that delivers 100% guaranteed packet capture - regardless of your network type, speed or load - which is why you can be confident that our IDS solution really does give you the power to see all.
If you have an IDS or IPS and you're concerned that it might not be seeing everything, talk to us about a IDS / IPS performance audit.
