Mako’s Central Management System allows IDS/IPS to be managed remotely for any number of globally or locally distributed locations using Mako 6600 network appliances.
Mako Networks’ enhanced intrusion detection and prevention system (IDS/IPS) extends enhanced Next-Generation Firewall (NGFW) security capabilities to customers using Mako 6600 firewall appliances. NGFW technology improves network traffic filtering by performing more thorough inspection of packets, including payload contents. The IDS/IPS features are fully managed via the cloud-based Mako Central Management System (CMS) and can be applied to any number of globally distributed locations using simple but powerful templated and layered rule sets.
The Intrusion Detection System (IDS) identifies and flags communication with known bad actors and alerts on abnormal communications, both inbound to and outbound from a network. The IDS does this by examining the source and destination IP addresses and ports in addition to the content of each packet. The Intrusion Prevention System (IPS) specifies a course of action to take with detected traffic. Users may choose to pass, alert, or drop detected traffic for each rule. The IPS also prevents DoS attacks as well as attacks on common operating system and software vulnerabilities.
Typical IDS/IPS deployment is to configure and activate IDS, monitor detection results and fine-tune the configuration over several weeks, then activate IPS to drop any high-risk or otherwise unwanted traffic. Periodic review of this configuration should be added to the network maintenance schedule. Best practice is to limit IDS/IPS deployment only to critical networks, such as a payment network, as examining traffic may have an impact on connection speed. Ideally, a secure critical network will present relatively few opportunities for bad traffic but still warrants observation, while something less critical, such as a public Wi-Fi network, might be under constant attack but the risk to operational security is low.
The Mako CMS IDS/IPS solution allows users to specify rules sources and to configure profile templates, which are used to customize IDS/IPS behavior and to deploy to any combination of remote locations: a single site, any group of sites, or the entire enterprise. It is recommended to focus on managing larger groups of locations with templates and then override specific rules at specific locations, as needed. Default rules sources are available for immediate use; however, custom cloud-based rules sources may be added to provide alternatives. The Mako CMS automatically communicates with rules sources to keep rules up-to-date.
“Our IDS/IPS enhancements are another example of Mako’s dedication to continuous development of our security technology,” said Simon Gamble, President of Mako Networks. “Mako appliances are true Next-Generation Firewalls, which is important because part of our established value proposition is that our appliances can replace multiple hardware and software elements of an on-site network with one cloud-managed network security appliance and a ‘single pane of glass’ global management platform.”
To inquire about Next-Generation Firewall solutions for your distributed enterprise, contact Mako Networks at email@example.com or +1 800-851-4691.