Network-based Intrusion Detection

In parallel with the statistical analysis of network traffic, the Security Team also runs the "Snort" Intrusion Detection System (IDS). Snort performs in-depth packet inspection comparing the packet contents with about 12.000 different patterns (so-called "rules").

These rules, mainly stemming from the Sourcefire Vulnerability Research Team and Emerging Threats, added with several developed in-house, are targeted to find malicious behaviour and infected or compromized devices as well as policy violations like the unauthorized usage of Peer-to-Peer applications and instant messaging applications.