Host-Based Intrusion Detection System and File Integrity Monitoring
Additional to NIDS, HIDS analyses any suspicious activity on the host machine. When the system is alerted, a notification is generated.
We provide two options for our NIDS system:
1) Unmanaged, where all alerts are directed to the client, and
2) Managed, where our NOC will proactively investigate and take required action against alerts.
File Integrity Monitoring
FIM uses a RackCorp software agent to securely check a client's servers for any changes made to system files or windows registry. Once reviewed, a command needs to be run to accept any changes (Eg: after windows updates or configuration changes) so that the integrity of all files is maintained.
Rackcorp offers this solution as unmanaged and managed. The unmanaged version simply notifies the client of changes and the client maintains a database matching changes against it's own changelogs. The managed version enables the RackCorp NOC to investigate and/or process and accept any changes for the client. The team know which system files should or should not be updated, and we maintain a secure checksum database.