
Intrusion Monitoring On-Demand

“It is well known in the security world that attackers send malicious data masquerading as ‘normal’ traffic, which is difficult to detect. Before we had a co-managed IDS system, we were struggling to keep on top of an endless stream of false alerts, continual signature updates, device tuning and after-hours monitoring, since 24x7 alert and device monitoring is neither practical nor the best use of IT resources for us. Security On-Demand does a great job of helping us maintain our overall security posture by providing this for us.”

Network Administrator, Palm Springs Aerial Tramway



Intrusion Monitoring On-Demand™ - Intrusion Detection Prevention Security (IDPS) Service

The “Intrusion Monitoring On-Demand” service offering from Security On-Demand™ is designed to protect against attacks that originate from outside of the network via the internet.

Don’t Ignore the Firewall When Deploying IDPS
Externally based network attacks are designed to circumvent the organization’s defensive countermeasures, such as firewalls and Intrusion Detection Prevention Systems (IDPS). When the IDPS is positioned behind a properly configured firewall, it can detect and prevent the attacks that make it through the firewall. This raises the question: if the IDPS sensor is instead placed in front of the firewall, does that effectively mitigate the risk of an improperly configured firewall? If the firewall itself is ignored, nobody wants to learn the answer the hard way.

By NOT ignoring potential misconfiguration, and by carefully reviewing and fixing any incorrect security policies on the firewall, the organization is better protected: the sensor sees less irrelevant data, produces fewer false positives, and can focus on the traffic that the firewall does not stop and actually passes into the internal network.

Focus on the DMZ
The threat assessment focus in most organizations should be within the DMZ. Understanding what the systems within the DMZ are doing, and how they should normally communicate and behave, is more art than science. In the past, the vulnerable attack “surface” of externally facing servers typically consisted of missing security patches, outdated anti-virus, and system misconfigurations. Today’s risks are primarily centered on application-based attacks such as SQL Injection, Cross-site Scripting, Cross-site Request Forgery, and several others. Today’s IDPS technology, systems and personnel, such as what Security On-Demand™ deploys, must be particularly capable of addressing these threats. Many of the “home-grown” sensor technologies and event triage approaches in the marketplace today do not have this level of sophistication.

No More False Positives
Security On-Demand’s IDPS technology is based on both behavioral and signature-based attack identification approaches. A key technological advantage is our ability to also integrate vulnerability data from the network into the sensor. When alerts are blended with this data and correlated with all other information observed, all WITHIN the sensor itself, the “heavy lifting” normally required by a separate Security Event Management (SEM) or event correlation engine is greatly reduced. While still retaining a log of all data flows, the sensor passes along only the relevant information for further analysis in our proprietary Threat Assessment System.
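The correlation step described above, blending a signature or behavioral alert with what is known about the targeted host, is illustrated by the following added example. It is not Security On-Demand’s code and assumes nothing about their sensor internals: the asset inventory, the weakness identifiers (placeholders, not real advisory numbers), the sample alerts and the `classify`/`triage` functions are all constructed here to show how vulnerability context lets a sensor keep a complete flow log while forwarding only alerts that matter.

```python
"""Vulnerability-aware IDS alert triage (illustrative; all data is constructed).

Assumption: the sensor, or a wrapper around it, can look up the destination
host in an asset and vulnerability inventory, and signatures that target a
specific flaw carry that flaw's identifier so the alert can be matched
against the inventory before anything is forwarded for analysis.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Alert:
    src: str
    dst: str
    dst_port: int
    signature: str
    weakness: Optional[str]      # identifier of the flaw the signature targets, if any
    anomaly_score: float = 0.0   # behavioural score from the sensor, 0.0 .. 1.0


# Constructed inventory: host -> listening services and known unpatched weaknesses.
# The weakness identifiers are placeholders, not real advisory numbers.
INVENTORY = {
    "10.0.1.10": {"services": {80: "web", 443: "web"},
                  "weaknesses": {"WEAKNESS-PLACEHOLDER-1"}},
    "10.0.1.20": {"services": {25: "smtp"},
                  "weaknesses": set()},
}


def classify(alert, inventory):
    """Return (verdict, reason) for one alert.

    Verdicts: "escalate" (forward to analysts now), "review" (forward at lower
    priority), "suppress" (keep in the flow log only, do not forward).
    """
    host = inventory.get(alert.dst)
    if host is None:
        return "review", "destination not in inventory; no vulnerability context"
    if alert.dst_port not in host["services"]:
        return "suppress", "nothing listens on the targeted port"
    if alert.anomaly_score >= 0.8:
        return "escalate", "behavioural anomaly on an exposed service"
    if alert.weakness is None:
        return "review", "signature match without vulnerability context"
    if alert.weakness in host["weaknesses"]:
        return "escalate", "target is unpatched against the targeted weakness"
    return "suppress", "target is not affected by the targeted weakness"


def triage(alerts, inventory=INVENTORY):
    """Split alerts into those forwarded for analysis and the complete retained log."""
    forwarded = []
    log = []
    for alert in alerts:
        verdict, reason = classify(alert, inventory)
        log.append((alert, verdict, reason))   # every alert is retained
        if verdict != "suppress":
            forwarded.append((alert, verdict, reason))
    return forwarded, log


# Constructed sample alerts (documentation/test address ranges).
SAMPLE_ALERTS = [
    Alert("198.51.100.7", "10.0.1.10", 80, "web exploit attempt", "WEAKNESS-PLACEHOLDER-1"),
    Alert("198.51.100.7", "10.0.1.10", 80, "web exploit attempt", "WEAKNESS-PLACEHOLDER-2"),
    Alert("198.51.100.8", "10.0.1.20", 80, "web exploit attempt", "WEAKNESS-PLACEHOLDER-1"),
    Alert("198.51.100.9", "10.0.1.20", 25, "smtp probe", None),
    Alert("198.51.100.9", "10.0.1.20", 25, "unusual outbound volume", None, 0.9),
    Alert("198.51.100.9", "10.0.1.99", 22, "ssh brute force", None),
]


if __name__ == "__main__":
    fwd, log = triage(SAMPLE_ALERTS)
    print(f"{len(log)} alerts logged, {len(fwd)} forwarded")
    for alert, verdict, reason in fwd:
        print(f"{verdict:8} {alert.dst}:{alert.dst_port} {alert.signature} -- {reason}")
```

Of the six constructed alerts, two are suppressed (one targets a weakness the host is patched against, one targets a port with no listener), leaving four to forward; all six stay in the retained log. Order of the checks matters: the behavioural score is consulted before the signature context so that an anomaly on an exposed service is never silenced by a clean patch status.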