Cadamier Network Security Corporation, Denver Colorado
Cadamier knows your network security is essential for your organization’s information system. The safety provided by our Intrusion Detection Systems-IDS can stop attackers before they steal important information.
Intrusion Detection Systems-IDS are dedicated computer systems that are strategically located in key segments of your network. They are setup to continually watch active network traffic for known attack signatures and conditions.
When a recognized attack or condition exists, all information about it is recorded and a preprogrammed response is executed that issues an alert and/or stops the connection cold by injecting packets to stop the attack.
IDS protection supplements firewall protection because firewalls only allow permitted traffic. An IDS examines the contents of that traffic as it passes in and out of the firewall and determines if that content contains an embedded attack.
These systems also provide the ability to record and log other non-attack information as needed. This helps diagnose network problems and provide network usage information for the enforcement of Internet usage policies.
Intrusion Detection Systems deployed by Cadamier utilize a combination of dedicated detection devices (sensors) and a centralized alert notification system that is used to watch the behavior of the network in real time.
IDS Deployment
IDS systems can be deployed on any network within your organization. It is generally recommend that IDS sensors be installed behind the firewall unless the firewall is specifically being monitored against a particular attack definition.
Installing a sensor in front of the firewall, although yielding a significant amount of potentially useful information, generally serves to consume valuable resources tracking down scans and attack attempts that will never pass through the firewall.
While an IDS sensor, in the most aggressive scenario, could be placed in all networks. Cadamier specifically recommends that IDS sensors be placed in any network that talks to the Internet using clear-text services. This includes the main company network, the web server network, and the Internet Banking network if any non-encrypted services are in use.
IDS Installation
The installation of IDS services involves three steps: remote management setup, configuration, and initial tuning.
Remote Management Setup is required so that Cadamier is able to remotely configure and control each IDS sensor. This requires that a virtual private network be setup between your firewall and Cadamier's firewall.
Configuration takes place when we configure and tune your IDS detectors to provide your network with the maximum amount of security without impacting your network performance. We will examine each of the detection signatures, and tune it's behavior and reactions to the customer's needs.
Initial Tuning takes place during the installation of the IDS system. IDS systems are configured by default to have little active protection against attacks and instead focuses on logging. During the initial tuning phase, Cadamier will harden the security policy in each detector by editing each detection signature and configuring the response of the IDS system to those attacks.
IDS Maintenance
Continuing maintenance of an intrusion detection system entails the tuning of security policies, custom policy revisions, installation of updates, and troubleshooting.
Tuning of Security Policies ensures that the IDS system evolves with your changing needs. The security of your network involves constant vigilance.
Cadamier will work with you to tune the security policies of your IDS detectors, reducing or increasing enforcement of various attacks as necessary for your network to work smoothly.
Custom Policy Revisions permit the customer to specify custom policy revisions, like recording all traffic to or from a particular machine, or tracking someone's browsing habits. These customizations can range from specific network protocols to a specific machine on your network.
Installation of Updates maintains the security of your IDS detectors by verifying that the latest updates are installed. Cadamier's engineers can watch to make sure that any updates will be applied as soon as they are available.
Troubleshooting your IDS can involve any number of testing methods. In the event that your IDS sensors malfunction or stop working, Cadamier will work diligently with you and the manufacturer to correct any difficulties with your IDS.
IDS Monitoring
IDS monitoring is recommended by Cadamier because it provides assurance that the IDS systems are continuously operational. If an IDS system stops functioning, it leaves you unprotected.
Monitoring also provides you with skilled Cadamier engineers who will review your IDS records on a regular basis, spotting attacks and network problems, and will recommend solutions.
Enforcement
At the customer's request, Cadamier can also provide enforcement capabilities as well. In the event that someone tries to perform something more invasive than a simple scan, Cadamier will track down the attacker for you, inform the proper authorities of the questionable activity, while keeping the identity of your organization confidential.