Intrusion Detection processes for all environments

IQSPL’s Intrusion Detection processes let you inspect traffic between devices, not just at the edge. For complete network visibility, link events from your existing IDS/IPS into a single console while protecting your investments.

Deploy signature-based anomaly detection and protocol analysis technologies to defend against threats targeting your system. Identify the most recent attacks, malware infections, policy violations, system compromise techniques, and other exposures.

Host-based Intrusion Detection System (HIDS) and File Integrity Monitoring (FIM)

Track user access and activity by analyzing system behaviour and configuration status. Identify probable security threats such as compromise, modification of critical configuration files (e.g. registry settings/passwords), rogue processes, and common rootkits.

Deploy at the Earliest

Sign up, deploy our USM swiftly, and see actionable alarms in less than one hour.

Always on Guard

Get alerts on the most important threats with our 2,000+ correlation directives.

Partner with other IDS

Automatically receive the latest IDS signatures and upgraded correlation directives for the newest threats.

Integrated SIEM Correlation

Correlate events by forwarding IDS and IPS event logs from your current devices to the USM Sensor.

Quick view of threats in the dashboard

Using the Kill Chain Taxonomy, we emphasize the most important threats targeting your network and the anomalies that need investigation. You can easily understand the threats targeting your network and see when attackers have triggered an alarm.

Attack Intent & Strategy

The Kill Chain Taxonomy divides threats into five classes to help you understand the intent behind attacks and how attackers are interacting with your network and resources:

Minimized Noise

Link IDS/IPS data to multiple security tools to reduce false positives and increase the accuracy of alarms.

Absolute Threat Evidence

Understand attack type, number of events, duration, source and destination IP addresses, and more.

Automatic Notifications

Set up e-mail notifications and deploy phone messaging services such as SMS.

Workflow Management

Create tickets from alarms, assign them to users, or integrate with an external ticketing system.

Analyze consolidated threat details faster

Accelerate your response work by analyzing related threat details in one place.

See the directive event, the individual event(s) that triggered the directive event, and the correlation level of the directive rule.

Click on any event to examine the details

Normalized event

SIEM information

Reputation of source and destination IP addresses

Knowledge base about the event

Payload of the packet triggering the event