Passive monitoring of network traffic to determine threat activity, using client owned devices.
The Service provides managed intrusion detection with 24/7 monitoring and response to computer security incidents. The Service also includes installation, 24/7 monitoring and support of customer-owned Cisco NIDS devices.
The service is available for devices hosted in a CenturyLink Data Centre or located on customer premises.
The service provides passive monitoring of a client’s network traffic to determine suspected threat activity. Proactive blocking (Intrusion Prevention System), functionality is not included with this service. CenturyLink is responsible for the installation, configuration, administration, monitoring, maintenance and support of the service.
The design of the client network will determine how the network traffic is directed to the NIDS service. Options include using a customer managed or dedicated network switch, or CenturyLink provided network taps.
In the event of a suspected threat activity, the CenturyLink Security Operation Centre (SOC) will perform an analysis of the detected event. The result of the event analysis could result in the following recommended actions:
Promptly detects intrusions or security attacks, internally or externally.
Averts costly consequences of intrusion incidents.
Minimises the potential impact of incidents on your business.
Ideal for clients requiring an extra level of security in the event of firewall security being compromised.
Intrusion Detection Systems can also analyse that traffic for possible system misuse or attacks originating from inside the organisation.
CenturyLink personnel will review critical alerts within 15 minutes and notify clients within 60 minutes upon receiving an alert deemed critical by CenturyLink.