FAQ

Since I do not have to replace my firewall to use your service, what firewalls work with I-TRAP?

I-TRAP is designed to be a "snap-on" service to compliment virtually any Syslog capable firewall on the market. Some names that we are familiar with and recommend are Cisco PIX, Watchguard, Netscreen, SonicWall, Symantec and the list goes on.

If you have specific question about how your network configuration would work with I-TRAP just contact a service engineer to assist.

Why is it important to outsource alerting services?

Almost every organization we work with has the ability or talent to self monitor and creates internal alerting methods, what they don’t have is time and a global view of Internet wide security.

A well structured IDS layer requires time to set-up and on-going tuning and adjustment, aside from the actual log and alert review process. The I-TRAP method uses the strength of its 24x7 NOC to constantly review network activity and view a customers network as part from the outside (as a hacker or malicious application would see it). Individual customers and their networks are no longer islands unto their own but part of an array of networks being protected by a centralized security facility.

Is the data that is transported to the I-TRAP NOC secure?

The events transported off site, which facilitates the monitoring and alerting process, has many layers of its own security. Each I-TRAP device builds a unique relationship to the NOC through tunneling, encryption and a private interface, creating a very high level of security for any data traveling from customer network. The data can then be deciphered by the I-TRAP proprietary backend system.

How up to date is the reporting that comes from an I-TRAP IDS?

Reporting for I-TRAP is designed to be real-time, in the amount of time that it takes for the onsite i-TRAP device to record and forward network events the information is available to the NOC alerting staff. So alerts that are security in nature have the highest priority and can be investigated immediately. The online report tool that customers have access to carries a maximum turnaround of 5 minutes.

Does having I-TRAP on my network require major changes in my current configuration?

I-TRAP is designed as a snap on appliance, the sensors are deployed at open Ethernet connections in front and behind the firewall and a slight modification to the location of your Firewall’s syslog other than that there is no change required to your network. The system is designed to be completely passive on your network, sensors will not respond to any protocol and management function on the device can only be performed from the I-TRAP NOC.

My network is not a typical design, will I-TRAP still work as and IDS/ADS service?

I-TRAP was originally designed as a network monitoring tool, the fact that your network may have multiple firewalls and/or points of entry or no firewall at all makes little difference. The I-TRAP device is often deployed in hosting centers or remote sections of private networks as a strong monitoring tool. You can call with custom configuration question and speak with a systems engineer. We are familiar with most network configurations and can assist with your goal of layered security.





04/09/2007
Storm variant strikes again
On Sunday, April 8th, 2007, a storm was brewing.
more...
next