|
|
Intrusion Prevention technology can provide a key component to the overall protection of your network. Initially deploying an IPS on your network does require careful consideration to match the capabilities of your IPS with your unique network configuration. Furthermore, configuring your IPS and monitoring the alerts generated by your IPS devices requires dedicated personnel. Each IPS deployment is fairly unique depending on your network configuration. Regardless of your network configuration, however, you need to analyze your deployment from the following two perspectives:
The most effective Host IPS deployment involves deploying Host IPS on every host on your network. Some of the factors to consider when conducting a partial Host IPS deployment include the following:
When deploying Network IPS on a large network, such as an enterprise network, you have to consider many factors. Some of the more important considerations include the following:
Both Network and Host IPS configuration of your IPS is crucial to providing strong defense against attack. Some of the major factors to consider with respect to IPS configuration include the following:
Monitoring the security related events happening on your network is also a crucial aspect of protecting your network from attack. When planning your monitoring strategy, you need to consider the following factors:
You deploy IPS to help secure your network. If you do not use secure communications protocols (such as SSH, HTTPS, and SNMPv3) and implement secure Layer 2 best practices to access your IPS devices, your IPS devices can become another avenue of attack. IPS communications fall into the following two categories:
|
|
|