Click here to ask for help with a managed intrusion detection system

ConnectDS provides Managed Intrusion Detection Systems (IDS) and Managed Intrusion Prevention Systems (IPS) services to UK businesses managed by our 24/7/365 security operations centre. Speak to us about your Managed IDS / IPS requirements and how we can provide expert monitoring and protection for your network traffic.

What Is an Intrusion Detection System (IDS)?

IDS is a Network-based Intrusion Detection System (NIDS) analyse network traffic to identify patterns of network traffic to identify malicious and policy based violations. It works by either scanning for known hacker contraventions or searching for anomalies in activities over the network. When such activity happens, the Intrusion Detection System will signal an alert that there has been some suspicious discoveries. The goal is to catch the cyber security hackers before any damage is done to the system.

Managed IDS
Managed IDS 2

Fully managed IDS/IPS services:

An Intrusion Detection System constantly scans your network traffic to identify known traffic patterns that can include malware communications, web based attacks, plaintext communications, network misconfigurations and suspicious patterns and policy violations within your organisation. The security knowledge required to set up and manage the alerts for this security technology is advanced and typically beyond the expertise that businesses can manage in-house. With highly experienced security analysts and 24/7 incident responders, getting a managed solution with ConnectDS will not only prevent the requirement to employ costly security staff, but will also give you peace of mind that your network is under constant review. Having An Intrusion Detection System (IDS) also offers an added comfort, or necessity, to clients data you have stored in your system. With the ever-changing threat landscape, there is a lot of value in the knowledge that you have the expertise of a ConnectDS specialist to monitor your systems.

Frequently Asked Questions about Intrusion Detection Systems (IDS):

Please see below for some common questions on our IDS solutions, if you would prefer to speak to someone then give us a call and speak to one of our team in our Surrey or London offices to understand your requirements and learn how our security experts support other businesses in the United Kingdom (UK).

Intrusion Prevention System (IPS) is network security technology that monitors network traffic and DETECTS and BLOCKS patterns of known malicious traffic or notable communications that could be a policy violation.

Intrusion Detection System (IDS) is network security technology that monitors network traffic and DETECTS patterns of known malicious traffic or notable communications that could be a policy violation.

Network Intrusion Detection System (NIDS), Host-based Intrusion Detection System (HIDS), Perimeter Intrusion Detection System (PIDS), VM-based Instrusion Detection System (VMIDS)

The two main types of intrusion detection systems are Network Intrusion Detection Systems (NIDS) and Host-based Intrusion Detection Systems (HIDS).

The main components of an intrusion detection system are:

  • monitoring users and system activity
  • auditing system configuration for vulnerabilities and misconfigurations
  • assessing the integrity of critical system and data files
  • recognizing known attack patterns in system activity
  • identifying abnormal activity through statistical analysis
  • managing audit trails and highlighting user violation of policy or normal activity
  • correcting system configuration errors
  • installing and operating traps to record information about intruders

The two main approaches to intrusion detection are anomaly detection and misuse detection.

There are benefits for both IDS and IPS, IDS alerts give greater visibility without concern of blocking legitimate traffic in the event of a ‘false positive’, whilst IPS enables automated blocking and traffic control.

Intrusion detection and prevention signatures are small rules that match patterns of network traffic and perform an alert, or block in the event of IPS. ConnectDS partner with commercial IDS content providers for effective and high-fidelity signatures, and can also provide custom signatures created by our security analysts.

An IPS can be used to block exploits to internal systems with known vulnerabilities; putting Intrusion prevention protection at the network can shield these systems whilst patches are being deployed or created by the software publisher – this process is commonly referred to as Virtual patching.

Intrusion prevention and Intrusion Detection Systems are deployed at the network gateway of internet breakouts and in front of any internet facing services – Situated at the network gateway blocks both inbound and outbound network communication thus securing your network perimeter.

Monitoring of an IDS solution is human intensive in terms of investigation, validation and turning – an external IDS service provider can supply expert resourcing to manage your IDS platforms. ConnectDS provide a fully managed IDS service to manage your existing IDS platform, or deliver the solution including dedicated hardware as a service.

The cost for managed Intrusion detection managed services is dependant on number of sites, users and whether you currently have a platform or require the solution delivered as part of the service – Our analysts can work with your business to gather your security requirements and architect an effective solution with a full proposal of costs.

The key to a successful security program is the initial setup and optimisation of any tooling. ConnectDS provide both IDS tuning and IPS tuning services for your business to maximise your investment, reduce ‘false positive’ alerts and ensure the configuration is optimised for threat detection. We can provide expert IDS tuning as a consultation exercise or we include this service upon onboarding or implementing your IDS solution.

IDS and Firewalls are separate security engines and perform different functions – an IDS can be a built in function on your firewall appliance or a standalone appliance. If your firewall has this functionality then the IDS module can be leveraged.

Find out more

To enquire about our UK based managed IDS and managed IPS services, please contact the ConnectDS team by giving us a call or completing our contact form.

cyber exchange member logo
Cyber Essentials logo
CISP logo
IASME logo


Sign up to our email newsletter – opt out at anytime – view our Privacy Policy.