Passive monitoring of a client’s network traffic to determine suspected threat activity.
CenturyLink’s Network Intrusion Detection Service (NIDS) is available to clients using CenturyLink Colocation or Managed Hosting services, as well as on client premises.
The service provides passive monitoring of a client’s network traffic to determine suspected threat activity. Proactive blocking (Intrusion Prevention System), functionality is not included with this service. CenturyLink is responsible for the installation, configuration, administration, monitoring, maintenance and support of the service.
The design of the client network will determine how the network traffic is directed to the NIDS service. Options include using a customer managed or dedicated network switch, or CenturyLink provided network taps.
In the event of a suspected threat activity, the CenturyLink Security Operation Centre (SOC) will perform an analysis of the detected event. The result of the event analysis could result in the following recommended actions:
Promptly detects intrusions or security attacks, internally or externally
Averts costly consequences of intrusion incidents
Minimises the potential impact of incidents on your business
Ideal for clients requiring an extra level of security in the event of firewall security being compromised.
Intrusion Detection Systems can also analyse that traffic for possible system misuse or attacks originating from inside the organisation.
Response time SLAs are documented in the Incident Management section of the Savvis Station portal.