Intrusion Detection and Prevention Systems (IDS/IPS)

An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or a system attack from someone attempting to break into or compromit a system.

Detection, alerting and reporting of Internet traffic identified as suspicious according to customer defined, custom security policies.

E-CAPS can offer you the following:

- IDS/IPS with Snort Advanced Techniques:

Snort is an open source network intrusion prevention and detection system (IDS/IPS) capable of performing real-time traffic analysis and packet-logging on IP networks. It can perform protocol analysis, content searching and matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts and more.

 IDS/IPS with an add-on security module (AIP-SSM) for the Cisco 5500 Series:

You can transform the ASA 5500 into an IDS/IPS sensor as well. The Sensor operates in either “Promiscuous Mode” (IDS functionality) or “Inline Mode” (IPS functionality).