Host Intrusion Detection Systems is an intrusion system designed to monitor a computers internals as well as packets on its network interface. The important thing that they do is monitor the entire computer to ensure that nothing has been changed by intruders. For example, a word document might use different resources than last time which would alert this system and then allow it to investigate further to determine if they file has been compromised.
There are many different Host Intrusion Detection Systems available on the market. For the purposes of this article, I will chose four and list more information about them that would help a consumer make a better informed decision.
- Protegrity Enterprise Security Administrator
- Protegrity Protectors
- Protegrity Tokenization
- Central security policy management, integrated with distributed protection points, for more efficient and cost-effective control.
- Embedded key management for more effective management of encryption across different platforms.
- Complete management reporting to the most comprehensive security events.
- Intuitive user interface to minimize training requirements and reduce costs.
- IBM Trivoli Security Operations Manager
- IBM Tivoli Security Operations Manager for Applications and Databases Resource Value Unit Version 4.1 License + SW Subscription & Support 12 Months (D61U0LL) which costs $574.00
- IBM Tivoli Security Operations Manager for Client Devices Resource Value Unit Version 4.1 License + SW Subscription & Support 12 Months (D61U2LL) which costs $5.70
- IBM Tivoli Security Operations Manager for Network Nodes Resource Value Unit License + SW Subscription & Support 12 Months (D61TVLL) which costs $344.00
- IBM Tivoli Security Operations Manager for Network Security Devices Resource Value Unit License + SW Subscription & Support 12 Months (D61TULL) which costs $688.00
- IBM Tivoli Security Operations Manager Install Resource Value Unit Version 4.1 License + SW Subscription & Support 12 Months (D61U4LL) which costs $57,400.00
- Automate log aggregation, correlation and analysis
- Recognize, investigate and respond to incidents automatically
- Streamline incident tracking and handling
- Enable monitoring and enforcement of policy
- Provide comprehensive reporting for compliance efforts
- DELL Secure Works
- Security Monitoring
- Host IPS
- Firewall Management
- Web APP Firewall
- Real-time, 24x7x365 expert analysis and response to known and emerging threats
- Automated event analysis and compliance reporting
- Integration with virtually any security device or critical information asset
- Powerful, asset-based security reporting with powerful analysis and visualization tools
- Unlimited access to certified security experts
- Implemented in days – not weeks or months
- Check Point
- Check Point IPS-1
- IPS-1 provides the strong, robust, and dynamic security for which Check Point is known. In addition, IPS-1 features superior management tools that increase administrator efficiency and provide unique rapid-response mitigation.
Hopefully these four will give a short insight into different products offered on the market and what some various features entail. I was amazed at how many different products were offered and it would take a long time to go through the list. At the end of the day you do have options and with due diligence can find some great products.