Network Intrusion Detection Systems

Overview

The Information Security Office (ISO) operates several "Intrusion Detection Systems” (IDS) to detect and respond to security incidents involving computers connected to the campus network. These systems monitor and analyze network traffic and generate alerts. Alerts are reviewed by ISO security analysts and, if warranted, notifications are sent to designated security contacts for investigation and remediation.

We offer these services because hosts connected to the campus network are frequently compromised by hackers. It is easier for a computer to be compromised than most people think; even casual web browsing to legitimate sites with a vulnerable browser can result in a compromise.

A compromised system is a serious threat to the campus network and might cause:

  • Loss of valuable information resources, such as research data
  • Exposure of personal information and university data assets
  • Use a platform for criminal activity and attacks on other systems
  • Reputational damage and legal/financial liability
  • Blocking/blacklisting of campus network space from other internet resources

By detecting intrusions and requiring remediation, we remove these threats from the campus network. This helps to create a safe and secure environment for university electronic resources.

The Benefits

All network traffic crossing one of our tapping locations is monitored, so all members of the campus community with devices and data connecting to the Internet can benefit from our services. This includes:

  • Researchers using the network for storage and transmission of research data
  • Students using electronic resources to complete their coursework
  • Staff supporting University administrative functions requiring information technology resources
  • University administration meeting legal and ethical requirements to protect private information
  • Individuals with private information on campus information technology systems

Additional Information

Service category