Compunet, Inc. - Intrusion Detection System

What is Internet Security?
What is a firewall?
McAfee SpamKiller
McAfee Active Virus Defense Suite
McAfee ePolicy Orchestrator
External Security Vulnerability Assessment
Internal Network Vulnerability Assessment
Virtual Private Networks (VPNs)
Digital Video Recorders
Contact Us

5/17/2008 12:53:25 AM

Provides P.D.R - Prevention, Detection & Response
Prevents attacks by Detecting and Responding to attack signatures.

Stateful Packet Inspection
Gets inside each and every packet and looks for attack signatures.

24/7* Response & Monitoring
Subscription based monitoring and response service.

Supports 100mb Fast Ethernet network speeds
Capable of functioning on Fast Ethernet networks at 80%+ saturation levels.

Live Notifications
Can send, if desired, notifications to specified desktop users of an attack in progress.

Auto-Lockout Response
Automated denial of access to would be attackers.

Outline of product type:

An IDS product is placed at any point on a network where a customer needs extra protection and confirmation of integrity of data. An IDS examines every packet of information as it passes and matches known attack signatures to each packet. This technique is similar to Anti-Virus detection techniques although its spectrum of coverage pertains to known attack attempts and reconnaissance techniques as well as internet worms and other network based attacks.

Location of product type:

Typically the first IDS is placed immediately behind the firewall and as such, can be considered a complimentary device. A firewall allows information packets to pass or be dropped based upon a number of ACL (Access Control List) rules. The firewall knows not nor cares what each packet contains, it merely looks at the where from and where to and makes decisions based upon that information. An IDS examines each and every packet that passes in both directions - in and out of the network - and ensures traffic that allowed in and out is indeed safe and free from malicious content.

Additional IDS devices are often placed in secondary key locations:

Outside the firewall to audit what attacks are being launched against a network and what are actually successfully passing through to the internal IDS.
At the boundaries of key inner networks such as accounting, data processing and human resources or where ever sensitive, critical data is stored.

Installation and Configuration:

A typical installation in a small to medium network with an existing firewall typically takes 1 - 2 days onsite with a further 1 week of fine-tuning. A fine-tuning period is mandatory to reduce the instances of false positive results. A false positive is acceptable, from a customer's perspective, traffic that causes an attack alert. A common example is Outlook Web Access, which by default looks like an attack to an IDS. The normal fine tuning period is roughly 1 week but is dependant on network size and complexity. A few hours a day are spent looking at the alerts generated and ascertaining if this is allowed traffic or not and amending the rules as necessary. Due to the remote management aspect of this box (see below) this time need not be spent onsite. Communication with the key technical contact is however paramount during this time.

Ongoing Support and Monitoring:

New attacks are developed and used daily by would be attackers. Whilst the IDS will protect against generic attacks, updates are the key to keeping current the defense capabilities of the device. Without updates, the IDS functionality is severely reduced.

» Call today for more details: 478-738-9849 or Toll Free 1-800-872-5203

CompuNet, Inc.
Corporate Headquarters
337 Third Street
Macon, GA 31201
478-738-9849
1-800-872-5203
Fax: 478-738-9068

CompuNet, Inc.
Atlanta Office
4485 Lawrenceville Hwy
Suite 203
Lilburn, GA 30048
678-533-0220 ·
Fax: 678-533-0202