Protecting your networking infrastructure against internal and external assaults is critical. But devoting in-house resources to security is costly and time-consuming. AT&T Managed Security Services has your solution. With AT&T Managed Intrusion Detection Services, you'll benefit from around-the-clock surveillance designed to quickly identify unauthorized attempts to access your network.
The AT&T managed Host IPS/IDS application detects attacks on servers in real time. Host intrusion detection is particularly valuable in environments where AES, SSL, IPSec, or other encryption schemes are deployed because the sensor analyzes the decrypted data. AT&T host sensors monitor systems running today’s most common operating systems for evidence of malicious or suspicious activity in real time. Host sensors use a variety of techniques to detect attacks and misuse, including analyzing the security event log, checking the integrity of critical configuration files, and checking for kernel level compromises.
Network-Based Intrusion Detection Services
With the use of sensors placed at critical points in your network, network-based intrusion detection monitors and compares the traffic signatures to a database of known "attack signatures". Security specialists monitor traffic patterns and other alerts to identify any malicious actions.
Host-Based Intrusion Detection Service
Host-Based Intrusion Detection Service takes protection to the next level - your servers. With this offer, an intrusion detection agent is installed on each protected server and is connected directly to the Security Operations Center. Any unapproved event (whether it be an invalid user login or an unauthorized change to a production web site) triggers an alert. Immediate notification alerts you of the potential intrusion.
Our threat detection service suite includes:
- Thorough, fully managed intrusion detection for IP networks, using sensors placed at critical points in your network
- Enforcement of your network security policy, 24X, by AT&T Security Professionals
- Interrogation of all traffic from a specific interface for attack signatures - examination of the data stream in real-time
- Pre-defined responses to misuse or violations that include alarm generation, tracking or immediate action