Enhanced Firewall options: IDS/IPS
Intrusion Detection and Prevention (IDS/IPS) is an option available on certain firewall models; depending on which service is chosen, the following functionality may be available.
Typically IDS definition updates are periodically downloaded to the firewall automatically.
Redcentric will create a single policy containing some or all of the signatures which can be tailored and applied to certain traffic as required. This single policy is sufficient for the majority of organisations however Redcentric can create and administer additional policies as required.
Depending on the model selected, it may be possible for Redcentric to configure the firewall in such a way that authorised staff can administer IDS policies. Your IT team are free to dictate whether traffic is to be allowed or blocked when an IDS signature triggers the system. Regardless, the event will be logged, a ticket raised within the Redcentric system for awareness only and an email is sent to your IT team for further investigation.
Depending on the model selected, your IT team may be able to access log information pertaining to IDS triggers remotely.