ProductsBest network intrusion system and top IPS systems
As the name implies, intrusion prevention (IPS) doesn't simply detect attacks as an IDS does; it actually prevents attacks from taking place or automatically blocks them upon detection. Intrusion prevention systems enable an organization to take proactive, highly automated steps to guard against intrusions. Most network intrusion prevention technologies are installed at the network perimeter and afford protection for all devices behind the point of deployment. Leading players in this space include StillSecure®, SourceFire® (Snort®), SonicWALL, and TippingPoint.
|
Out-of-band IPS (OOB IPS) systems straddle the firewall much like an IDS. As mentioned previously, an IPS contains built-in IDS technology that monitors and analyzes network traffic. As such, an IPS can readily detect attacks embedded in legitimate traffic destined for the endpoint. An IPS, though, takes the next step. Based on the IDS traffic analysis, an OOB IPS can manage the firewall, instructing it to terminate the suspicious activity. With this functionality the management interface is in direct communication with the firewall. In-line IPS systems perform similarly. The key difference is that inline IPSs have traffic-blocking functionality built in. This allows the IPS to terminate harmful traffic even more quickly than an OOB IPS. In addition to protecting the network perimeter, in-line IPSs are well suited to guard against threats that originate behind the firewall. For example, in-line IPSs can secure private connections, such as those you might put in place for partners and suppliers, where firewalls are not traditionally installed, yet that are vulnerable to attack. Also, when installed between a wireless access point and your wired LAN, an in-line IPS eliminates the vulnerabilities that make wireless (or Wi-Fi) networks so easy to hack into. |
Linux server intrusion prevention, endpoint intrusion prevention and moreThe level of automation within an IPS can vary significantly among products. Many must be configured and managed to reflect the traffic patterns characteristic of the network on which they are installed. Possible side-effects of non-optimized performance include terminating legitimate user requests and locking out valid network resources. These side-effects can be minimized with fine-tuning controls available in some IPS systems, such as StillSecure Strata Guard, which takes the powerful, open-source Snort®* engine and makes it practical for protecting corporate-scale networks. Overall, IPSs offer significant value by automatically blocking network intruders and saving significant staff time reviewing mountains of firewall and IDS logs. * Snort is a registered trademark of Sourcefire, Inc. Latis Networks, Inc. is not affiliated with, connected to, or sponsored by Sourcefire, Inc. |
Document Library | Privacy policy | Terms and conditions | Copyright® 2002-2010 StillSecure®, All rights reserved.