About Managed IPS
Overview
Situational awareness is the perception of systems and events with respect to time or space, the comprehension of their meaning, and the projection of their future status. You’ll have situational awareness because you’ll know where you are vulnerable. You’ll know what systems could be compromised and you will know what data, then, might be at risk. You know about it all. More importantly, you will be able to do something about it. A large part of our effectiveness comes from having developed a thorough technical methodology that is reliable, repeatable and that definitely goes well beyond automated tools:
Characterize Flows
- Determine when, and for how long the exchange took place
- Determine how much data was being exchanged and over what ports
Determine Disposition
- Enumerate Threat Indicators from a wide range of both public and private sources
- Match what happened with possible scenarios to determinedly the most likely reason for the events seen
Profile Hosts
- Determine the identity of the source, the owner of the source, and what its being used for
- Determine the identity of the destination, the owner of the destination, and what its being use for
Added Benefits
Unlimited and unmetered assistance
Our team will then help you take the necessary steps to mitigate the threat before damage is done, working hand-in-hand with your team until the issue is resolved.
Performance and availability management
Hellfire monitors the health of your sensors and ensures they stay operating by performing any break-fix activity that’s needed.
Device upgrades and patch management
Hellfire upgrades your devices when the time comes and apply patches as they come in to ensure that your sensors have the latest bug fixes in place.
Policy and rule management
Hellfire maintains your rules too and deploys updated policies so that the sensors stay aligned with your network.
Incident Notification
When an incident is identified, you will be notified immediately, and depending on the severity, be contacted by email or phone so that you can counter the threat.
Regular Reports
Monthly Reports keep you aware of what’s going on in your network, and provides, at a glance, a record of everything that happened over that month. Quarterly reports let you know what gaps were discovered in your defenses and how to close them. Supplementary reports are also available and let you know such things as who violated policy or what attackers are interested in the most.
Types of Sensors
Intrusion Detection Systems
Hellfire Security can monitor your enterprise with intrusion detection systems like Snort, Suricata, and Bro.
Intrusion Prevention Systems
Hellfire Security can also monitor your enterprise with intrusion prevention systems like Sourcefire's 3D System, and IBM Security's XGS.
Endpoint Detection and Response
And Hellfire Security can monitor your enterprise with EDR like Crowdstrike and Carbon Black.