This post is the fourth in a series of eight on five pillars to actionable cloud security. For the rest of the series, visit the Five Pillars blog page here.
This next step or pillar relies on first being able to determine who is allowed access and to what – and then detecting anomalies. Typically, Detection Controls focus on intrusion, more commonly known as Intrusion Detection Systems (IDS). These are automated, and are designed to monitor and analyze network traffic, and to generate an alert in response to activity that either matches known malicious patterns or is anomalous. Some IDS controls go further: they will trigger automated processes that can include recording suspicious activity or scanning the computers involved to try to find signs of compromise.An IDS differs from a firewall in that the IDS looks for intrusions that 1) have already occurred 2) are currently underway, or 3) originate from within the network. ~ @rkturner1Click To Tweet
Rich is the Product Marketing Manager, Information Management. He's been with Barracuda since the acquisition of C2C Systems in 2014. Rich specializes in cloud-deployed solutions, information management, and archiving systems. His experience includes extensive work on OEM opportunities and the legal community.
You can email Rich at email@example.com.