Intrusion Prevention
Corporations need to understand that their data is a valuable commodity. Hackers always look for sensitive and confidential data that can be used to their advantage on the black market. Your firewall is not enough anymore.
G.T.S.P. understand this all too well, and that is why we use and sell AlienVault®.
AlienVault® Unified Security Management™ (USM™) delivers built-in intrusion detection systems for your critical IT infrastructure, enabling you to detect threats as they emerge in the cloud and on premises. With AlienVault USM, you can also collect and correlate events from your existing IDS/IPS into a single console for complete security visibility while protecting your investments.
USM provides comprehensive intrusion detection as part of an all-in-one unified security management console. It includes built-in host intrusion detection (HIDS), network intrusion detection (NIDS), as well as AWS IDS and Azure IDS for your public cloud environments.
To ensure that you are always equipped to detect the latest emerging threats, AlienVault Labs Security Research Team delivers continuous threat intelligence updates directly to USM. This threat data is backed by the AlienVault Open Threat Exchange™ (OTX™)—the world’s first open threat intelligence community.
Intrusion Detection Systems for Any Environment
- Intrusion Detection for AWS & Azure Clouds
- Network Intrusion Detection System (NIDS)
- Host Intrusion Detection System (HIDS) and File Integrity Monitoring (FIM)
Quickly View Threats in the Dashboard
- Use the Kill Chain Taxonomy to quickly assess threat intent and strategy
- Automatic notifications and noise reduction help you to work more efficiently
Powerful Analytics Uncover Threat and Vulnerability Details – All in One Console
- Search and analyse events and event details in highly granular, flexible ways
- Identify assets and vulnerabilities in a consolidated view
Integrated Threat Intelligence from AlienVault Labs
- Continuous threat intelligence delivered, so you can focus on responding to threats faster
- Powered by the Open Threat Exchange (OTX)
G.T.S.P. provide 2 types of IPS systems: Network Based (NIPS) and Host Based (HIPS). Both of these devices can also be “virtualized” if required.
Network Based (NIPS)
This is a hardware (or virtual) appliance that consists of an array of segmented ports that can inspect between 1 and 4 segments of your network traffic simultaneously. These devices inspect the traffic as it moves through the network.
Host Based IPS (HIPS)
Many organisations think that their antivirus will protect the endpoint when it comes to hacking attacks. Currently there are many different ways to bypass an antivirus. It is imperative that a HIPS system be installed on the important devices in your organisation. This software will detect and alert the administrator in the event of an internal attack on a server.