Advanced protection against cyber-attacks is a top priority for businesses as the number suffering the loss of reputation and profit is rising all the time as hackers find new ways to infiltrate corporate networks.
But what protection is right? Which should you choose? Is one type enough?
One system will not be enough if you truly want to protect your business. You will need to layer multiple solutions in a way that offers the best protection against a variety of threats and specific types of attack. An advanced protection solution is like a having multiple walls surrounding a building rather than relying on a single entrance to deter intrusion. If an attack breaches the perimeter defence, then there are still others in place.
Advanced protection, or threat management systems, represent these defences and they come in multiple forms: Intrusion detection systems (IDS), intrusion prevention systems (IPS) and cloud security. They all rely on similar technologies, but each fills a different function and defends against different types of attack.
What is an IDS?
An IDS identifies possible cyber-attacks rather than preventing them. IDS tools sit outside the network and review copies of incoming data. These copies are compared to a library of known threats to correctly identify malicious traffic before it can proceed further into the network to guard against policy violations, information leaks, configuration errors, unauthorised clients, servers and applications, plus viruses and Trojan-horse attacks. An IDS is incapable of taking direct action against threats but send an alert to the network administrator for them to take action.
What is an IPS?
An IPS is like a security guard. It sits behind the firewall to check all incoming traffic for potential threats. It uses pre-defined security policies that determine the level of protection needed. These are updated daily, so your cyber-security is always up to date to provide protection against the latest threats.
We can provide you with an easy-to-use dashboard for management of your own IPS and threat protection level policies. You can also view security reports from any internet-accessible device. Data is presented in real-time, allowing IT administrators to quickly gauge the status of current threats, as well as viewing historical trends, for informed decision-making.
Together, an IDS and IPS give you superior visibility, embedded security intelligence and automated analysis to help you protect your network. We use next-generation Cisco solutions, which come with fully integrated advanced malware protection (AMP) and sandboxing solutions, in our own data centres to meet the cyber-security needs of our co-location and managed server customers. These provide up-to-the-minute threat protection through Cisco’s worldwide threat visibility and analysis organisation and Sourcefire Snort engine, the single most widely deployed IDS and IPS technology in the world.
What is cloud security?
Our cloud security protection utilises Cisco Umbrella. Cisco Umbrella uses the internet’s infrastructure to block malicious destinations before a connection is ever established. Umbrella uses the domain name system (DNS) to stop threats over all ports and protocols - even direct-to-IP connections - to stop malware before it reaches your endpoints or network. We will also protect against ransomware. Even if your devices become infected in other ways, Umbrella prevents connections to the attacker’s servers to stop data exfiltration and execution of ransomware encryption. Umbrella analyses data to identify patterns, detect anomalies and create models to predict if a domain or IP is likely malicious to automatically correlate data and block attacks. We can provide you with an easy-to-use dashboard for management of your own Umbrella instance, where you can configure your protection polices, fine tune your content filtering preferences and view security reports from any internet-accessible device.
If you want to protect your business from cyber-attacks, please get in touch with our security experts.