Intrusion Prevention Systems

.A few years ago there were a handful of products claiming this capability. Now, all security vendors seem to have one of their own. Unfortunately, these products are still far from perfect; they all need tuning specific to your environment during installation, and they all generate false positive alarms, so your staff needs to be well trained in order to read the
product output properly. With enough time, training, and tuning, this technology can be a tremendous asset in your security posture - depending on where the sensors are placed, they can keep watch to see if anything is getting past your firewall, or watch segments of the internal network to see if anyone on the inside is trying things they should not. The most
critical piece of this technology is event correlation and reporting, which most organizations overlook until the product is in and running, and management asks to see a report …..A capability of some intrusion detection products is the ability to automatically respond and reprogram edge security devices in your network as soon as it recognizes an attack in
progress - thus ‘slamming the door’ on the attacker, usually within the first minute of suspicious activity.

 

 

 

y. All rights reserved.