Protection of network perimeter

A network perimeter security creates to protect corporate networks from unauthorized intrusions, data leakage, attacks and penetration of malicious software.

The most of companies have a corporate network. Large enterprises have a head office and many branches exchanging information through corporate networks. In that case, a network perimeter security is the safest way to protect an organization from leakage of confidential information, employee’s personal data, as well as external attack or intruders.

The local network organization

Basic requirements to the corporate network include intranet communications through secure channels and regulated protocols for "external communication". Herewith, the local network must remain opaque from the outside.

The security gateways comprising dozens of secure communications are used to arrange an information transfer within the local network. In addition, the network perimeter security has the next tools:

  • VPN;
  • firewall;
  • IDS/IPS.

Detecting or monitoring

The operation principles of IDS/IPS systems based on the analysis of the transmitted packets contents, including archived data.

IDS system operates basically using existing signatures. In fact, one plays a role of attack or intrusion detector, giving a signal about this. However, it is impossible to prevent unauthorized activity by IDS means.

It is necessary to install IPS system in order to fully monitor and prevent intrusions. The scope of IPS system includes viruses’ identification for both known and unknown types, attacks as well as preventing network intrusion.

Depending on the rules when it detects malicious content, IDS/IPS systems perform one of the following actions:

  • notify the network administrator;
  • discard malicious packets;
  • tearing down sessions;
  • remove malware;
  • make the system information prohibited from modification.

ProtectMaster Company provides a full service of the network perimeter security setting up.

These are exist two kinds of IDS host differing by a way of installation. The first type is software on servers and workstations. The second kind of IDS host is NIDS: transparent and sensor networks. Our experts will help you with choice of a particular IDS/IPS system, its installation and configuration.

Share or save it: