
Companies are regularly subjected to attacks. An intrusion detection system (IDS) analyses the data traffic and reliably secures infrastructures and applications. It checks the unencrypted data traffic and sounds the alarm in the event of attack patterns and protocol deviations.

Standards such as ISO 27001 and the recommendations of FINMA require that unauthorised access be systematically monitored. An IDS is needed for this. Managed IDS records the warnings and classifies them. If they are perceived as incidents, an analyst assesses them.

Recurring services

Security Incident Monitoring and Management

A security incident is a potential attack on one of your company’s systems. Incidents are classified by the system and shown in the security dashboard. An analyst examines harmful attacks while harmless and false attacks are logged.

To protect your company network, communication is handled with a standard signature set. In addition, attacks on Web servers, file transfer servers, mail servers and DNS servers are recognised. If the analysis confirms the attack, Swisscom escalates the security incident and recommends the implementation of relevant measures.

Signature Management

Swisscom uses exclusively manufacturer signatures and maintains an IDS signature database for all customers. The signatures are activated only in alert mode so that they do not block data traffic. The database is updated at regular intervals. Before Swisscom activates the signatures, they are imported into our own laboratory and extensively tested.

Reporting

The MSS-i dashboard shows these reports, among others:

1. Daily, current security incident report

  • How many attacks did the IDS and firewall service classify as harmful (absolute and as a percentage)?
  • How many security incidents were escalated to the customer?

2. Monthly, detailed reporting of IDS modules as PDF files

  • The most frequent security attacks and their targets.
  • The most frequent security attacks and their sources.
  • The most frequent security attacks by date.



How you benefit

You ensure that unauthorised access can be detected in real time.

You have relevant security events filtered.

You can monitor the traffic behaviour of your organisation.