CIS provides clients with a full intrusion prevention plan. The process of performing an overview and providing recommendations on intrusion prevention includes, but is not limited to, the following services:
• Overall assessment of existing methodologies, focused on preventing intrusion attempts
• Review of process and control procedures that exist that are geared to next steps once an intrusion is identified
• Programming of existing Intrusion Detection / Prevention devices if present
• Recommendations and implementation of Intrusion Detection / Prevention appliances and recon actions
Some of the Intrusion Prevention/Detection Devices that CIS focuses on are, but not limited to:
• Cisco Intrusion Prevention/Detection Appliances.
1. Includes the Cisco Firewall Feature Set for routers.
2. Includes the Cisco IDS appliances.
3. Includes the Cisco ASA detection and prevention appliances.
• Symantec IDS / IPS appliances.
• Juniper IDS / IPS appliances.
• Open Source [Snort] implementations.
Intrusion detection and prevention includes many aspects of risk; CIS engineers attempt to provide clients with the solution that best fits their business needs, while following industry and manufacturer best practices.