Article: The Importance of Using Intrusion Detection Tools to Secure Your Business Network
The days when strong passwords and firewalls were all that was required to secure corporate networks, have long passed. Intruder attack methodology has become more targeted and sophisticated. Consequently, passive security methods have given way to tools that take a more active approach to network security.
What motivates an intruder? In a word, data. Customer and proprietary information have become hot commodities. In order to protect this sensitive information, a multi-pronged approach including first line of defense firewalls, anti-virus, and applying software patches are key. However, Intrusion Detection and Prevention Services (IDPS) should also be employed.
An IDS monitors network traffic for suspicious activity and alerts network administrators, or responds by taking predefined action like blocking IP addresses.
There are two types of Intrusion Detection Systems (IDS):
Host Based - This IDS is installed on a computer or other device. It runs in the background, examining inbound and outbound network traffic packets combined with log/system file analysis to look for suspicious activity. If something unusual is detected, the IDS can either alert a network administrator or it can invoke predefined methods to try and contain or deter the activity.
Network Based - This is the more aggressive IDS. It monitors traffic on network segments and if it detects suspicious activity, it will take action such as blocking IP addresses or users.
Service interruption and data breach can be costly both monetarily and in damage to company reputation. In the end, a security hardened network will employ a defense in depth concept that uses multi-layered hardware and software solutions to safeguard against data loss. For those threats that manage to get past initial defenses, a good IDS can go a long way toward thwarting and minimizing the damage caused by intruders.
This guest post was provided by Veronica Henry on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information about GFI event log monitoring solution can be found at http://www.gfi.com/eventsmanager
All product and company names herein may be trademarks of their respective owners.
- Firewall and Intrusion Detection
- Network/Protocol Analyzer
- Network Scanner
- Privacy and Anonymity
- Whois and TraceRoute
- Network Utilities, Suits, Toolkits
- Network Monitor
- Network Traffic Accounting
- Network Inventory
- Remote Control
- File and Disk Encryption
- File and Password Recovery
- Keylogger and AntiKeylogger
- Email Tools
Best Recent Downloads
GFI WebMonitor - Standalone Proxy Version
Internet monitoring and web security for SMBs
GFI LANguard Network Security Scanner
Network vulnerability management solution.
Nsauditor Network Security Auditor
Scan and monitor network.Over 45 net tools.
10-Strike Network Inventory Explorer
Monitor network computer inventory
Network Administrator's Toolkit
Inventory user PCs and monitor servers
Net Monitor for Employees
See their screens and take a control.
Recovers MSN,IE,Outlook,ICQ,Ras,Ftp passwords
Server monitoring tool
Network content monitor
Advanced Host Monitor
Award-winning network monitoring software
Network Inventory Reporter
SpotIE Password Recovery
SpotIE recovers Internet Explorer passwords.
Asset Tracker for Networks
Inventory network workstations, build reports
SpotMSN Password Recover
Recovers MSN messenger and Live passwords.
Accent OFFICE Password Recovery
How to break passwords in Office / OpenOffice
East-Tec Eraser 2008
Keep what you do on your computer to yourself
Security Task Manager
Enhanced Process Viewer that protects your PC
A full-featured network toolkit.
SpotFTP Password Recover
Recovers FTP passwords stored in computers.
Free IP Scanner
A very fast IP scanner and port scanner.