Forensic Network Intrusion Detection
As the Internet continues to grow, so do the exposure and the risk. Network
Intrusion Detection Systems (nIDS), when properly implemented and monitored,
are an integral part of the defense against the hostile traffic that batters your
network daily. An nIDS allows you to react when, or if, someone breaches your
network, and it also supplies continuous information about the health of your
networks from both a performance and a security perspective. In the right hands,
nIDS tools can often identify network and security problems before they
occur. Installing the nIDS architecture by itself is only part of the task.
Without the supporting skill and talent to monitor and analyze the
information nIDS engines provide, the system is limited by the time, attention and
ability that one can give to a security device. There are efforts to develop
nIDS engines that 'report' events against your network via email, pager
notification or pop-up announcements, to name a few, but they still rely on time,
attention and ability. Often these systems are tuned to respond to every event,
which requires time and attention to analyze each one and determine whether it is
important or not. This leads to a dumbing down of the nIDS sensors to avoid
the annoyance, rendering the nIDS tools ineffective.
Hiring one or more full-time security professionals to monitor and maintain an nIDS
solution can be expensive, and the nIDS software/hardware itself is generally
not inexpensive. This often puts security out of reach of the small to
mid-sized organization, which lacks the kind of Capital Expenditure it takes to
hire a security professional and purchase the software/hardware to monitor
networks. Maintaining 24 x 7 monitoring would require a minimum full-time staff
of five qualified people.
This is a recurring pattern: an institution recognizes the need for
security and lays out CapX to acquire monitoring architecture, then discovers that
the person-hours and the skill set required to staff these tools are greater
than anticipated. The result is often that the devices are tuned down beyond
effectiveness or forgotten altogether. Very few network system
administrators have the time, much less the qualifications, to sort through logs and
packet traces and determine what is 'bad' and what is a 'false alarm'.
Manisec solves this. We provide nIDS architecture and highly qualified
security professionals to handle all aspects of a secure nIDS system for your
networks; from installation and configuration, to real-time monitoring and
analysis and active response. Protecting your assets with an nIDS solution is
now affordable and reliable.
Technology Overview:
The core of our specialized technology is the Management System Framework
(MSF), developed by Manisec. MSF's distributed parallel computing architecture
provides the ability to effectively assimilate, analyze, and manage the massive
amounts of data collected by Manisec's nIDS appliances, firewalls, routers,
servers, and even third-party nIDS and/or hIDS solutions.
Manisec's nIDS Sensors provide unparalleled real-time and forensic capabilities.
The nIDS detection engine is based on the premier Open Source nIDS
package Snort, augmented by several proprietary packages that add
features/capabilities such as SNMP-based alerting, forensic data mining, event
correlation, and packet trace ring-buffering.
A brief feature listing of this system includes:
- Intelligent handling of IP fragmentation.
- TCP stream reassembly.
- Intelligent portscan detection.
- HTTP Protocol analysis.
- Large signature base (over 1,600 unique signatures).
- Easy addition of custom signatures.
- Rapid signature updates for newly discovered vulnerabilities.
- Event correlation.
- Alert suppression and/or aggregation.
- Up to 100 Mbit/s sustained Ethernet throughput.
- Centralized reporting.
- Alert abstraction.
- Multiple alert pathways (Syslog, SNMP, SQL, E-Mail, Pager, etc).
- Statistical anomaly detection.
- Forensic data mining.
- The best technical support in the industry.
- Custom features as required.
- Multiple tools for data analysis/reporting.
- Easy integration with existing network management environments.
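The "alert suppression and/or aggregation" item above is the kind of processing that keeps a sensor useful instead of "tuned down beyond effectiveness". As an added illustration that is not Manisec's or Snort's own code, the following collapses repeated Snort fast-alert lines for the same signature and source/destination pair into one summary record per burst; the alert lines, the local-rule sid 1000001 and the 60-second window are constructed assumptions.

```python
import re
from datetime import datetime

# Layout of a Snort "alert_fast" line as assumed here; sample lines below are constructed.
ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\].*?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)$"
)

# Constructed sample data; sid 1000001 is in the local-rule range, not a real Snort rule.
SAMPLE_ALERTS = [
    "03/12-14:22:01.000100  [**] [1:1000001:1] LOCAL sample web probe [**] [Classification: Web Application Attack] [Priority: 2] {TCP} 10.0.0.5:51234 -> 192.168.1.10:80",
    "03/12-14:22:02.000100  [**] [1:1000001:1] LOCAL sample web probe [**] [Classification: Web Application Attack] [Priority: 2] {TCP} 10.0.0.5:51235 -> 192.168.1.10:80",
    "03/12-14:22:03.000100  [**] [1:1000001:1] LOCAL sample web probe [**] [Classification: Web Application Attack] [Priority: 2] {TCP} 10.0.0.5:51236 -> 192.168.1.10:80",
    "03/12-14:22:04.000100  [**] [1:1000001:1] LOCAL sample web probe [**] [Classification: Web Application Attack] [Priority: 2] {TCP} 10.0.0.5:51237 -> 192.168.1.11:80",
    "03/12-14:27:30.000100  [**] [1:1000001:1] LOCAL sample web probe [**] [Classification: Web Application Attack] [Priority: 2] {TCP} 10.0.0.5:51300 -> 192.168.1.10:80",
]

def parse_alert(line):
    """Return the alert fields as a dict, or None if the line is not a fast alert."""
    m = ALERT_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    d["ts"] = datetime.strptime(d["ts"], "%m/%d-%H:%M:%S.%f")
    return d

def aggregate(lines, window_s=60):
    """Collapse repeats of the same (sid, src, dst) that fall within window_s
    seconds of the burst's first alert into one record carrying a count."""
    groups = {}   # current open burst per (sid, src, dst)
    order = []    # summary records in first-seen order
    for line in lines:
        a = parse_alert(line)
        if a is None:
            continue  # unparseable lines are skipped, not silently merged
        key = (a["sid"], a["src"], a["dst"])
        g = groups.get(key)
        if g and (a["ts"] - g["first"]).total_seconds() <= window_s:
            g["count"] += 1
            g["last"] = a["ts"]
        else:  # outside the window (or first sighting): open a new burst
            g = {"sid": a["sid"], "msg": a["msg"], "src": a["src"], "dst": a["dst"],
                 "first": a["ts"], "last": a["ts"], "count": 1}
            groups[key] = g
            order.append(g)
    return order
```

On the sample data the five alerts reduce to three records: a burst of three against 192.168.1.10, one against 192.168.1.11, and a fresh burst five minutes later.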
Service Overview:
Manisec will:
- Handle all aspects of installation, configuration, and maintenance of
nIDS Sensor(s).
- Perform a baseline vulnerability assessment of Customer's network(s)/host(s).
- Notify Customer of successful or potentially successful intrusion events.
- Provide statistical and summary reports of attacks against Customer's network.
- Provide detailed evidence to Customer in case of successful attack.
- Generate and track incident reports for attacks directed at Customer network(s)/host(s).
- Monitor syslog or SNMP trap events generated by Customer's existing systems (Optional).
- Configure Sensor to send syslog or SNMP trap events to Customer's
existing network management system(s) (Optional).
For further details about Manisec services, or if interested in having us
design/develop a custom solution that addresses your environment,
e-mail info@manisec.com describing your needs. You will receive a response
within one business day. Reseller and agent inquiries welcome.