Network IDS

• Can I apply filters on network traffic?
• Do I need an Alert Logic appliance to collect threat traffic?
• How does the Alert Logic agent respond if the host it is installed on has maxed out CPU and memory?
• How frequent and what size are the IDS signature updates that are sent to Alert Logic appliances?
• How long does Alert Logic keep event and incident data?
• In which AWS regions is the Threat Manager AMI available?
• What are the definitions of event classifications?
• What AWS instance types are supported by Alert Logic?
• What can the Alert Logic network intrusion detection system block?
• What ciphers does Alert Logic accept?
• What is the Alert Logic Decryptor?
• What is the difference between a tap and a SPAN?
• What is the maximum duration that can be set for quick block and policy blocking?
• What methods can be used to monitor network traffic?

• Can I apply filters on network traffic?
• Do I need an Alert Logic appliance to collect threat traffic?
• How does the Alert Logic agent respond if the host it is installed on has maxed out CPU and memory?
• How frequent and what size are the IDS signature updates that are sent to Alert Logic appliances?
• How long does Alert Logic keep event and incident data?
• In which AWS regions is the Threat Manager AMI available?
• What are the definitions of event classifications?
• What AWS instance types are supported by Alert Logic?
• What can the Alert Logic network intrusion detection system block?
• What ciphers does Alert Logic accept?
• What is the Alert Logic Decryptor?
• What is the difference between a tap and a SPAN?
• What is the maximum duration that can be set for quick block and policy blocking?
• What methods can be used to monitor network traffic?