The Office of the ITS provides network intrusion detection services on the state's network. The primary focus of the intrusion-detection system (IDS) is identifying and preventing threats from the Internet. Using our IDS, we gather and analyze information from various areas within our core servers and on the state's network to identify possible security breaches which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).
As part of our IDS, we also use vulnerability assessments (sometimes referred to as scanning) to assess the security of a computer system or network.
Our IDS functions include:
- monitoring and analyzing user and system activities for specified systems
- analyzing system configurations and vulnerabilities
- assessing system and file integrity
- monitoring for patterns typical of attacks
- analyzing abnormal activity patterns
- tracking user policy violations