Intrusion Prevention System

Colt Managed Intrusion Prevention System (IPS) is designed to enhance overall network and application security. It complements traditional firewall security.

IPS helps protect your critical network and application services by analysing, detecting and responding to packet level network traffic. It can block and log bad traffic in line with the global settings maintained on each device. Our service protects the network by scanning, detecting and responding to network traffic according to the filters, action sets, and global settings maintained on each network device.

Each device provides intrusion prevention for the network according to the number of network connections and hardware capabilities. IPS devices also have built-in intrinsic high-availability features, guaranteeing that your network keeps running in the event of system failure.

Our IPS management service includes provision and maintenance of the IPS appliance. We will perform the initial setup, on-going management and updates as well as monthly reporting in line with your specifications.

IPS management supports the following functions:

• Behavioural analysis / Anomaly detection to alert against new attacks
• Protocol analysis and RFC conformity
• Stateful inspection
• Transmission Control Protocol (TCP) flow reassembly
• IP defragmentation
• Prevention of exploitive attacks - such as viruses, trojans or manual intrusion attempts
• Prevention of reconnaissance attacks - such as stealth scans
• Prevention of masquerade attacks - such as IP spoofing
• Prevention of misuse attacks - such as protocol tunneling
• Prevention of malicious attacks to gain access - such as brute force password attack
• Identification and prevention of high-priority threats based on known vulnerabilities
• Signature-based attack identification
• Fail open and fail close options - in case of power loss, network traffic can continue to flow to the IPS device or traffic can be blocked.