Albert Network Monitoring and Management

Albert Network Monitoring and Management is an industry-leading Intrusion Detection System (IDS) designed specifically for U.S. State, Local, Tribal, and Territorial (SLTT) government organizations.

Learn how Albert is advancing state and local cybersecurity.

How Albert Helps You...

Monitors for malicious traffic

Many SLTT organizations have limited staff, resources, and expertise. With Albert, the expert security analysts in CIS's SOC monitor for malicious traffic so that you don't have to.

Serves as a second line of defense

For SLTT organizations that have the resources to monitor their own network traffic, Albert can serve as a powerful failsafe. Albert is a second line of defense, protecting your network with CIS experts' deep knowledge and experience tackling SLTT-specific threats.

Offers 24x7x365 management and support

When your team is off, CIS's team is on. With expert security analysts working round-the-clock, CIS can offer you the peace of mind that comes from knowing your network is in good hands every second of the day. If an incident does occur, CIS analyzes the event and only sends notifications on actionable threats, saving your team time and resources.

Saves you money with free incident response

Albert saves you money compared to other IDS solutions by providing free incident response support through the MS-ISAC's Cyber Incident Response Team (CIRT). CIRT uses all available information, from the Albert alert to evidence collected remotely, to aid each member organization in identifying, containing, and removing threats.

Serves as an extension of your security team

CIS handles monitoring and management of the Albert sensor 24x7x365. This service includes maintaining the operating system, IDS engine, NetFlow tools, and signature sets. We will work with your organization to make signature modifications upon request. We can also collaborate with you to write custom signatures to detect specific types of malicious activity on your network. All Albert customers get access to expert-developed products produced by the CIS Cyber Threat Intelligence (CTI) team. The CIS CTI team  helps SLTT organizations prepare and defend against cyber threats  by developing and delivering valuable information on emerging cyber threats, in-depth threat intelligence reports, and technical information regarding vulnerabilities in software and hardware.

NetFlow

A NetFlow record is a summary of a data exchange between two systems. It’s based on seven distinct characteristics:

1. Source IP
2. Destination IP
3. Source port
4. Destination port
5. TCP Flags
6. Number of bytes of traffic sent and received
7. Timestamp information (start, end, and duration of connection)

Traditional network security monitoring services alert on malicious activity going forward from the time a signature is deployed. However, Albert leverages NetFlow logs to review data retroactively, which improves the ability to search for malicious activity. This allows CIS's security analysts to search previous network activity for specific threats reported by partners while investigating concerns identified in the network environment.

Pricing is based on average internet connection utilization. A one-time initiation fee per sensor applies.

What customers are saying