Deploy distributed Intrusion Detection (IDS)

Why it matters

Adoption of Intrusion Detection Systems (IDS) has become more commonplace, especially through their integration with firewalls. While integrated and centralized IDSs are definitely recommended, they may leave several gaps:

  • Proper visibility across different networks, such as OT, is lacking
  • Attacks that find their way past the firewall, or originate from beyond it, remain undetected
  • Detection can’t be fine-tuned for each protected network, for example IT vs. OT

How we can help

  • The SensorFleet platform makes it easy to deploy lightweight Sensors across networks, running IDSs as Instruments
  • Distributed deployment provides a second line of defence and more granular detection
  • IDS instances can be managed as a group, but also fine-tuned individually

Bigger picture

Distributed IDS deployment is part of a defence-in-depth strategy and helps organizations monitor otherwise “dark” corners of their networks. The SensorFleet platform can be used for deploying and managing both Suricata and Zeek instances, either individually or as groups.

A network management system, Intrusion Detection, or Security Information and Event Management system with a capability to monitor and react to cyber incidents or intrusions in the IACS side of operations can improve the cybersecurity posture significantly. It is recommended to establish a capability to conduct continuous monitoring on process networks for unusual behavio
GUIDE FOR PROTECTING INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS AGAINST CYBER INCIDENTS, NATO ENSEC COE, 2022