Skip Links

Getting the most out of IPS

The tools continue to keep pace with evolving threats and meet head-on new challenges introduced by virtualization and mobility

By Bob Violino, Network World
July 23, 2012 01:02 PM ET

Network World - Intrusion prevention systems — security tools designed to stop problems even before they crop up — have emerged as indispensable components of defense-in-depth security strategies.

But a key success factor for the technology is it hasn’t stopped evolving over the years, and security experts expect this evolution to continue as security threats become ever more sophisticated and targeted.

RESEARCH: Network World Digital Spotlight archive

Among the new features and capabilities on the horizon for network-based IPS are automated analysis and assessment to speed up investigation of malicious events; intelligence to address advanced threats and assess their impact; higher-bandwidth devices; and “application awareness.”

From a historical perspective, IPS evolved from IDS, which was an early requirement for network security, says Jon Oltsik, senior principal analyst at research firm Enterprise Strategy Group. “Network firewalls are meant to enforce binary access policies [for example, allowing or denying access]. IDS evolved to supplement firewalls as a way to look inside packets for signs of known attack patterns,” Oltsik says.

IDS products acted as sort of the network equivalent of endpoint antivirus software, Oltsik says. Then around 2002, IDS started to become IPS by sitting in-line and adding policy management capabilities. “This gave the device the ability to actively block attacks,” he says. “Since then, IDS/IPS functionality steadily grew and can now be used for policy enforcement higher up the stack for applications and even data-loss prevention [DLP].”

IPS in recent years has become a pivotal component of the defense-indepth strategy that many organizations are adopting.

As a layer of defense, IDS/IPS can detect and block known bad behavior and attack patterns, Oltsik says.

Among the biggest trends in IT today are the move to cloud computing services and widespread adoption of mobile devices, such as smartphones and tablets, in the workplace. How well does network IPS address security issues related to these trends?

As vendors continue to add more capabilities and greater efficiencies to IPS, expect the technology to continue playing a major role in corporate security strategies.

To download this PDF, you must be a Network World Insider (free registration is required). The PDF also looks at how the Idaho Tax Commission locks down with IPS. The PDF also reviews tips on how to get the most out of critical IPS tools. And finally when you are looking for IPS tools, what are the 10 questions you should be asking in the selection process.

Read more about security in Network World's Security section.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News