ITech Frontiers Secure Suite
RangerIPS / RanegrIDS:
RangerIPS is proactive defense mechanism designed to detect malicious packets within normal network traffic (something that the current breed of firewalls do not actually do, for example) and stop intrusions dead, blocking the offending traffic automatically before it does any damage rather than simply raising an alert as, or after, the malicious payload has been delivered.
It also monitors data streams and the environment specific to a particular application (file locations and Registry settings for a Web server, for example) in order to protect that application from generic attacks for which no “signature” yet exists.
IDS so often overlooked recently in the face of the more “interesting” technology of Network IDS, is seeing something of a resurgence.
This could be due partly to the fact that high speed switched networks are providing a significant obstacle to effective Network IDS implementation, or it could also be that there is a growing realization that there is more to IDS than detecting suspicious packets on the wire. RangerIDS utilizes Pattern Matching, Stateful Pattern Matching, Protocol Decode, Heuristic Analysis and Anomaly Analysis as detection mechanism.