elefire Managed Intrusion
Detection System
An Intrusion Detection System, or IDS, is an important element of your organisation's Information Security Management System. It's deployment of internal and external network probes can identify vulnerabilities in your systems and the level of compliance to your security policy. The result - you will find out where the weaknesses are before would-be intruders can exploit them.Elefire's Managed Intrusion Detection System will detect, classify and categorise security incidents, with the appropriate reporting and escalation responses. Categories could include false alarms such as general 'noise' from the thousands of mis-configured systems, malicious attacks, and actual penetrations.
The effort made by Elefire in filtering out the 'noise' and focusing resources on actual attacks will assist in identifying origin and type of attack, quickly determining if unauthorised persons (either external or internal) are attempting improper access. The additional option of having Elefire maintain historical log files is recommended for future hardening of your systems defences and also in providing useful assistance to law enforcement agencies if required.
Elefire's base level of Managed Intrusion Detection System includes the following features:
Reporting of incidents
Each incident report provides details such as the 'apparent' origination. A definition of events would be made with the client following analysis of initial activity.Monthly consultation included
After the tuning phase, a monthly block of two hours consultation time is included at this level. This amount of time is typically adequate to cover operational concerns.Only effective and current tools utilised
As part of this base service, we commit to using the latest and most effective tools available to perform the task. As new tools are available, we will evaluate them. As tools become obsolete, Elefire will drop them.
Additional options can be selected to suit individual organisation requirements. These options could include:Maintenance of historical logs
The objective is to provide accurate logs that can assist law enforcement agencies to perform their tasks. If desired, the client can run their own server for historical archive of log data, and Elefire will provide a data stream in an industry-standard format suitable for the purpose.Co-ordination of response effort
Elefire's existing relations with civil and government agencies mean we can act fast when required, providing comprehensive event reports, pertinent log extracts, and all necessary information in required detail to authorities, leaving you focused on your core business.Elefire's participation in various Legal Committees ensures that our knowledge concerning log content and archiving is specific to the requirements for investigation whilst not exceeding current privacy legislation. Your organisation need not track the moving target of the current privacy legislation - Elefire take particular care that their IDS offering complies with legislation and assists insurance claims to recover damages if required.
The scalability of Elefire's managed Intrusion Detection System means your organisation can stay one step ahead of intruders and unauthorised access attempts, giving you peace of mind, leaving you to focus on core business.