Managed IDS/IPS

With an endless emergence of new threats and company resources under constant pressure, it can be difficult to balance all of the strategic and operational tasks required for an effective information security program. Network Intrusion Detection and Prevention (IDS/IPS) devices can provide a highly effective layer of security designed to protect critical assets from cyber threats. Organizations can detect attempts by attackers to compromise systems, applications and data by deploying network IDS; however, keeping the devices tuned and up-to-date so they are effective is a challenge for many organizations.

Managing IDS and IPS devices requires a specialized skill set, because the devices are only effective if they are well tuned to the current threats and the network in which they are deployed. IDS devices can generate thousands of alerts each day and are very prone to false positives, making it difficult to identify true threats and take timely action to protect assets.

Dell SecureWorks' team of security device management experts can help alleviate this burden and enable more effective operation of your Intrusion Detection and Prevention technologies. Our Managed Network IDS/IPS service is provided in an unlimited and unmetered fashion with no limits placed on configuration changes, policy requests, help desk tickets and support from our expert SOC staff. Our experienced security professionals serve as an extension of your security team, providing recommendations and expert guidance as needed at no additional cost to your organization.

Managed Intrusion Detection and Prevention helps you:

Improve IDS/IPS effectiveness
Expert signature tuning and device management ensures you will get the maximum value out of your devices. When the service is first implemented, our experts conduct extensive baselining to tailor detection and alerting to the customer network. Using intelligence from our Counter Threat Unit (CTU) security research group on the latest exploits and attack methods, our device engineers fine-tune IDS signatures to maximize detection capabilities in the customer network. Managed devices are continually tuned, based on CTU intelligence about emerging threats and as the customer network changes.

Identify and respond to threats faster
Our certified Security Analysts are required to hold the SANS GIAC Certified Intrusion Analyst (GCIA) certification. They monitor IDS and IPS alerts in real time, using our proprietary Counter Threat Platform to analyze events and identify threats. All event information is analyzed, including full packet payloads. Events are correlated across all available information sources, including other IDS and IPS devices, firewall logs, network devices, host and application logs, vulnerability scan results, and asset information. When a customer is at risk, our security professionals respond immediately to counter the threat.

Bolster security with advanced research and global security intelligence
The Managed IDS/IPS service leverages applied research from Dell SecureWorks' CTU research team to strengthen signatures and analysis of IDS alerts. Dell  SecureWorks' extensive visibility into billions of events per day enables the CTU group to identify and investigate emerging threats, and develop countermeasures for our customers. This intelligence is fed back into our services to enhance Managed Network IDS/IPS monitoring and response capabilities. Dell SecureWorks provides an advanced level of protection by correlating this intelligence in real time with IDS events seen across our customer base.

Retain the level of control required by your enterprise
Dell SecureWorks' Managed IDS/IPS service offers flexible support in the most complex environments, allowing our experts to tailor services to each customer's individual needs. Appliances can be managed in a traditional managed services model, where customer personnel have limited or no administrative privileges for their IDS/IPS devices.

Unlike other vendors, Dell SecureWorks can also support co-management, where the customer retains ownership and administrative rights to their IDS/IPS appliances to the extent that is preferred. With this approach, our experts alleviate the management, maintenance and monitoring burdens without the customer being locked out of their infrastructure.

Obtain comprehensive visibility into the security activity on your network
Analysts and customers agree. The Dell SecureWorks Customer Portal is the most advanced web-based portal for Managed Security Services. The intuitive and appealing interface furnishes you with clear views into the state of your organization's security posture, supported by real-time, enterprise-wide reporting: Convey the state of your organizations' security with executive level reports and dashboards; Drill down into security activity and events using operational reporting tools; Prove regulatory compliance to auditors quickly and effectively.

Extend your team with security experts at your service 24x7
As part of our Managed IDS/IPS service, your organization will receive unlimited and unmetered remediation assistance and security consultation from our team of certified Security Analysts in our Security Operations Centers. Our Analysts are required to hold the SANS GIAC GCIA certification and bring many years of security experience to help our customers address their complex issues. When an incident is identified, this team will take the necessary steps to mitigate the threat before damage is done, working hand-in-hand with your team until the issue is resolved.

Cost-effective technology and service bundle with iSensor

Dell SecureWorks' proprietary iSensor™ appliance can be included in the service as a cost-effective, fully managed bundle. The CTU research team creates high-fidelity signatures and countermeasures for iSensor as new threats emerge. As with other managed IDS devices, our experts provide full lifecycle management, maintenance and provisioning for iSensor appliances.

The Managed IDS/IPS service provides:

• Expert signature tuning
• Real-time threat monitoring and response
• Integrated Counter Threat Unit intelligence
• On-demand security and compliance reporting
• Flexible co-management options
• Unlimited and unmetered expert support
• Auditable and accurate change management
• Enterprise class availability and redundancy

Full lifecycle management by certified experts:

• Device provisioning and deployment
• Policy and signature management
• Performance and availability management
• Device upgrades and patch management
• Backup and recovery
• On-demand security and compliance reporting
• Real-time monitoring and response to security and health events
• Unlimited and unmetered expert support

Supported IDS/IPS devices:

Dell SecureWorks maintains one of the largest concentrations of certified Intrusion Detection and Prevention engineers in the world. We have years of experience managing market-leading devices.

• Cisco
• McAfee
• Fortinet
• Sourcefire
• IBM
• TippingPoint
• Juniper
• Dell SecureWorks' iSensor