Intrusion detection and intrusion prevention systems

Monitor events in your network for security threats and stop threats once detected.

IT resources struggle to identify and prioritize threats because resources are stretched, and incidents can be overwhelming.

Intrusion Detection Systems (IDS) monitor networks and/or systems for malicious activity or policy violations and report them to systems administrators or to a security information and event management (SIEM) system. Intrusion Prevention Systems (IPS) are positioned behind firewalls and provide an additional layer of security by scanning and analyzing suspicious content for potential threats. Placed in the direct communication path, an IPS will take automatic action on suspicious traffic within the network.

Intrusion detection systems and intrusion prevention systems


Trend Micro

Trend Micro Deep Security allows you to apply specific security controls from a comprehensive set of tools, all in a single agent on each of your instances. With a host-based IDS/IPS solution like Deep Security, you can scale security as your environment grows while maintaining consistent policies and keeping your environment compliant. This enables you to virtually shield data and applications from vulnerabilities and meet compliance requirements for Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), and more.

Automate security across hybrid environments and containers: With powerful, automated security capabilities for hybrid environments, broad container protection, and AWS API integrations, Deep Security is built to scale with your cloud projects no matter where they live.

Prevent breaches with proactive security: Shield against zero-day vulnerabilities with virtual patching. IPS prevents breaches by blocking network intrusions and vulnerability exploitation. The lightweight Deep Security agent is optimized for AWS, ensuring instant protection your workloads without slowing you down.

Scale cloud workloads and automate security processes: With host-based security, you prevent security bottlenecks when scaling and provide customized protection for workloads. Deep Security is also fully scriptable and integrated with cloud management tools such as AWS CloudFormation, AWS OpsWorks, Chef, Puppet, SaltStack, and Ansible.

Using the Deep Security AMI, customers can protect their physical, virtual, or cloud resources with an agent or Trend Micro’s virtual appliance.

Trend Micro

*Hover on the image for a maximized view.

Alert Logic

Alert Logic provides the visibility needed to elevate your security posture by automatically detecting resources deployed in your environment and providing guidance on configurations and vulnerabilities.

With Alert Logic, you can:

  • Find security vulnerabilities before adversaries can launch exploits
  • Identify 91,000+ security vulnerabilities and 8,600+ software configuration issues across all your environments
  • Get container security intrusion detection for AWS-deployed Docker, AWS Elastic Container Service (ECS), AWS-deployed Kubernetes, AWS Elastic Beanstalk, and CoreOS

Security for AWS environments: Alert Logic utilizes an Identity and Access Management (IAM) Role and IAM Policy to allow Alert Logic third-party access to an AWS environment. Alert Logic integrates with AWS CloudTrail for collecting API activity data within an AWS account and includes it with log data from other applications and systems.

Alert Logic

      *Hover on the image for a maximized view.

Traditionally a brick-and-mortar business, Rent-A-Center started to use AWS in order to launch services through e-commerce. In migrating to the cloud, Rent-A-Center decided to use Alert Logic on AWS because the solution is designed for the cloud, with advanced threat analytics, detection, and alerting across applications and services.

Gary Sprague's quote

With multiple IT and business groups on AWS, we need to be able to understand what they’re doing and where our data resides. Using Alert Logic, we can see if someone has inadvertently moved something into the cloud that shouldn’t be there.

- Gary Sprague, Director of Information Security, Rent-A-Center

The increased visibility from Alert Logic and AWS cloud management tools gives Rent-A-Center’s IT staff peace of mind.

You can try Alert Logic Threat Manager with ActiveWatch with a free tier of five hosts (Amazon Elastic Compute Cloud instances). You can also upgrade at any time to any higher tier based on the number of additional hosts or longer subscription times.

AWS Marketplace

AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.

Backup and recovery

Protect your data from physical or logical errors, such as system failure, application error, or accidental deletion.

Web application firewall

A Web application firewall (WAF) helps protect your web applications from common web exploits that could affect application availability or compromise security.

Transit VPC

A transit Virtual Private Cloud (VPC) connects multiple VPCs and remote networks in order to create a global network transit center.

Business continuity

Business continuity (BC) and disaster recovery (DR) technologies help businesses resume operations with as little disruption as possible.

High availability

Protect against data center, availability zone, server, network and storage subsystem failures to keep your business running without downtime.

Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.

Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.