IPS Capabilities


Intrusion Prevention provides numerous capabilities at both the host level and the network level. From a high-level perspective, these capabilities fall into the following two major categories:

  • Attack prevention

  • Regulatory compliance

Attack Prevention

The main capability provided by Network Intrusion Prevention is the ability to prevent malicious traffic from reaching the target system. Detection systems have been used for years, but because they were reactive in nature, each of them always allowed a certain amount of malicious traffic to reach the target systems. With the introduction of Intrusion Prevention, you have the ability to proactively defend your network against attack.

Besides preventing attacks, Intrusion Prevention also enables you to enforce RFC compliance. For example, because the perimeter firewall usually allows outbound traffic to destination TCP port 80, many peer-to-peer applications take advantage of this fact and communicate using TCP port 80 as well. By enforcing RFC compliance, your IPS can ensure that traffic using that TCP port actually matches the HTTP definition (RFC 2616).
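The following sketch shows the kind of check that RFC enforcement on TCP port 80 implies. It is an added example, not code from the book or from any IPS product, and it tests only whether the first bytes a client sends form a request as RFC 2616 defines one. The function name, the inspection limit, and the sample payloads are assumptions constructed for illustration.

```python
import re

# RFC 2616 section 2.2: a token is one or more CHARs, excluding CTLs and separators.
TOKEN = rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
# Section 5.1: Request-Line = Method SP Request-URI SP HTTP-Version
REQUEST_LINE = re.compile(rb"(" + TOKEN + rb") ([^\s\x00-\x1f\x7f]+) HTTP/(\d+)\.(\d+)")
# Section 4.2: message-header = field-name ":" [ field-value ]
HEADER_LINE = re.compile(rb"(" + TOKEN + rb"):[ \t]*(.*)")
MAX_HEAD = 8192  # assumed inspection limit, not a value taken from RFC 2616


def check_http_request(payload: bytes):
    """Return (compliant, reason) for the first bytes a client sends to TCP/80."""
    head, sep, _body = payload[:MAX_HEAD].partition(b"\r\n\r\n")
    if not sep:
        return False, "no CRLF CRLF terminating the header block"
    lines = head.split(b"\r\n")
    m = REQUEST_LINE.fullmatch(lines[0])
    if not m:
        return False, "first line is not Method SP Request-URI SP HTTP-Version"
    version = (int(m.group(3)), int(m.group(4)))
    headers = {}
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t") and headers:
            continue  # folded continuation of the previous header (section 4.2)
        h = HEADER_LINE.fullmatch(line)
        if not h:
            return False, "malformed header line"
        headers[h.group(1).lower()] = h.group(2)
    if version >= (1, 1) and b"host" not in headers:
        return False, "HTTP/1.1 request without Host header (section 14.23)"
    return True, "ok"


# Constructed sample payloads; none of them is captured traffic.
SAMPLES = {
    "http_get": b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    # Binary handshake of a hypothetical peer-to-peer protocol sent to port 80.
    "p2p_binary": b"\x13PEER-PROTO\x00\x01" + bytes(16) + b"\r\n\r\n",
    "no_host": b"GET / HTTP/1.1\r\nAccept: */*\r\n\r\n",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, check_http_request(data))
```

A deployed sensor would run such a check on the reassembled TCP stream rather than on individual packets, and would validate server responses as well.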

Note

For a more detailed explanation of Host IPS capabilities, refer to Chapter 5, "Host Intrusion Prevention Overview," and Chapter 6, "HIPS Components." Similarly, Chapter 7, "Network Intrusion Prevention Overview," and Chapter 8, "NIPS Components," provide detailed explanations of the Network IPS capabilities.


Regulatory Compliance

Regulations force many network operators to guarantee that certain security restrictions are enforced on their networks. These requirements are especially robust with respect to networks that handle medical information on patients. Deploying both NIPS and HIPS can help you comply with many of these requirements.

Note

For more information on regulatory compliance issues, refer to Chapter 5.





Intrusion Prevention Fundamentals
ISBN: 1587052393
Pages: 115
