Intrusion detection involves analysing network traffic to try and identify common attacks being used against your network infrastructure, or the result of a malware infection from within your network.
Navaho use the excellent open source Snort IDS software, in combination with our NetCAGE firewall solution to analyse traffic and create reports of low level threats, or immediately alert you in the event of a high level threat.
Automatic Threat Blocking
In the event of a very serious threat, our Snort IDS guest can even ask the NetCAGE guest to block the source of an attack while the authenticity of the threat is verified by our support team.
Easy to use Web Interface
Whilst an incredibly powerful and popular tool, creating and fine tuning rules for Snort requires some expertise – Navaho handles all of this for you and provides a simple web interface to control which rules you wish to use.
The customer login to our central management system allows you to view reports and to control which threats you wish the system to check for. It also allows you to set up whitelists of known good machines to prevent false positives from being constantly generated.
Flexible Hardware Deployment
Intrusion detection uses a lot of processing power, so we recommend that it is only used on our Data Centre/ME or Enterprise hardware. For sites with high network traffic, to ensure that IDS scanning does not impact on network performance, the Snort guest can be deployed on separate hardware, with the NetCAGE mirroring traffic for analysis over a dedicated network connection.