Intrusion Prevention Services
The Intrusion Prevention Services have been discontinued. Click the banner above to find an upgrade or purchase support and subscription renewals below.
Protects your business in real-time against global emerging threats and vulnerabilities
- Threat intelligence and signature updates consistently updated from multiple security sources that details how to detect and protect against emerging threats and vulnerabilities
- 24/7 Monitoring and alerting that leverages threat intelligence to block threats and vulnerabilities automatically
- Security Operation Center monitoring your security environment, tuning the IPS to distinguish critical threats from false positives, and escalating as needed 24/7/365
Provides additional security resources via managed solutions that free your team to focus on driving core business value
- Vendor agnostic expertise enabling our solutions and skilled security engineers to work with any existing security infrastructure on your network
- Clone Guard® Network Security delivered as a fixed cost service without requiring any capital expenditures from your budget
- Software updates and patches maintained by our security engineers to address security infrastructure bugs and vulnerabilities
Addresses your business and compliance needs with executive level and detailed reports and dashboards enabling you to visually investigate the threats and vulnerabilities targeting your business
- Actionable reporting tailored to your business needs, compliance standards, and investigative requirements
- Customizable dashboards providing a visual representation of threats and vulnerabilities allowing you to filter detailed security event information
How Intrusion Prevention Services (IPS) And Intrusion Detection Services (IDS) Works
Intrusion Prevention Services (IPS)
The IPS appliance is configured according to your network throughput and interface requirements and is typically installed in-line (also known as in-band) between your edge router and your primary firewall. The IPS runs in protection/prevention mode and inspects all network traffic routed to your infrastructure in real time against consistently updated threat intelligence and signature updates. Upon finding malicious traffic such as a denial of service, brute force attack, worms, software and network exploits to name a few, the appliance immediately drops the packets preventing the attack from reaching its intended target. The Clone Systems Security Operations Center (SOC) consistently monitors this activity and the appliance 24/7 to tune the IPS to distinguish critical threats from false positives and to escalate threats as needed. Note that it is also recommended to have an IPS appliance configured internally within your network to analyze traffic that was originally encrypted with Transport Layer Security (TLS) / Secure Sockets Layer (SSL) / Internet Protocol Security (IPsec) as this traffic cannot be inspected until it is unencrypted.
Intrusion Detection Services (IDS)
The IDS appliance is typically installed as a tap (also known as out-of-band) and runs in inspection/detection mode and inspects all network traffic routed to your infrastructure in real time against consistently updated threat intelligence and signature updates. Upon finding malicious traffic the appliance will trigger an alert about the threat but will not try to prevent the traffic from reaching its intended target. The Clone Systems Security Operations Center (SOC) consistently monitors this activity and the appliance 24/7 to tune the IPS to distinguish critical threats from false positives and to escalate threats as needed. In the event that the threat needs to be blocked, a manual step is required to drop the packets and prevent the attack from reaching its intended target.
Download the Clone Systems Intrusion Prevention Services Datasheet (PDF).