 |
Resources :
|
Your network needs constant protection from a wide array of application level attacks targeting services such as web, FTP, email, IM/P2P and database/storage. Intrusion Prevention Systems (IPS) uses deep packet inspection to scan network traffic for Worms, Trojans and application vulnerabilities such as browser vulnerabilities, buffer overflows, site cross-scripting, back-door exploits and SQL injection. IPS can detect active attacks in real-time and block them before they can do damage on the network. Intrusion Prevention should also monitor outbound traffic to identify and block backdoor exploits and infected computers.
The evolution of network and application-layer security threats has significantly altered the requirements for the modern network security architecture. Five years ago, a simple Stateful Packet Inspection (SPI) Firewall was sufficient to stop basic attacks such as port scans and DoS attacks. Now, application-layer buffer overflow attacks, Spyware, polymorphic Trojans, blended threats, and other complicated attacks are causing unprecedented amounts of financial damage and loss of productivity. To detect and prevent these threats, a completely new kind of security system is required. This system still performs all of the classic functions of the firewall, but much more. This system is based on Deep Packet Inspection (DPI) technology, where the appliance has the brains and the horsepower to inspect every byte of every packet.
Intrusion Protection (IPS) Security Checklist:
- Dynamic Blocking of Attacks and Intrusions
- Inbound and Outbound Scanning
- Automatically Updated Signature Database
- Wide Array of Protected Applications
- Zero-Day Updates
- Automated Adjustment for False Positives
- Classification of New IPS Signatures
- Granular Control of Rules and Actions
- Automatic Tuning with Initial Configuration
- Passive Monitoring Option
- Email Alerts
- Real-Time Logging and Reporting