Reputation: 2404
Intrustion Detection System on the AWS platform
Is there a solution for an intrustion detection system on the AWS platform? Would you have to go 3rd party or do they have their own offering?
Thanks!
Upvotes: 0
Views: 376
Answers (2)
Reputation: 3773
Snort is a well known Intrusion Detection System. Bro is another well known IDS
Upvotes: 0
Reputation: 6413
Your question is very general. IDS systems look a bit different in the cloud compared to on-premise "traditional" setups and AWS provides a wide array of options in the security area for example: IAM, CloudTrail & VPC Flow Logs. They can serve as building blocks for IDS depending on what you want to achieve.
If you are asking about more "traditional" IDS systems (network-sniffing boxes), there are lots of solutions available on AWS Marketplace via partners, for example: Sophos, AlertLogic, TrendMicro, CloudPassage.
The best recommendation I could give you is watching below videos to get a better overview what are your options:
AWS re:Invent 2015 | (SEC205) Learn How to Hackproof Your Cloud Using Native AWS Tools
AWS re:Invent 2014 | (SEC402) Intrusion Detection in the Cloud
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
Upvotes: 1
Related Questions
- Does AWS provide any IDS/IPS in their services or Suggest some budget friendly 3rd party services
- Hardening AWS EC2 Instances
- Vulnerability Scans Against Newly Launched EC2
- Tracking AWS Lambda functions to detect for human intervention and compromise
- Continuous monitoring of AWS resource presence
- Monitor incoming IP connections in Amazon AWS
- Amazon EC2 Instance Monitoring?
- How do I handle a compromised AWS instance?
- Monitoring instances in cloud
- Monitoring solution for EC2 based deployment