Many customers are taking advantage of Intrusion Prevention Systems at the edge of their network to protect their organizations from Internet based threats. These solutions are often integrated with the organizations firewall, mail and web security appliances. Many of these systems today have expanded beyond signature based solutions to include the concept of reputation based filtering.
While edge network IPS solutions have proved to be an effect means of mitigating threats, the increase in threat complexity has led to the need for Core IPS solutions to help protect critical business assets from the ever evolving threats of malware, worms, viruses and other threats. There are two types of solutions that can be deployed in this scenario; network based sensors and host based software.


Network based sensors require that all traffic pass through the appliance. This solution ensures that all traffic is passed through the inspection engine as it enters and leaves the network core. This is an effective way to ensure all traffic gets inspected but the downside to this type of solution is that the appliance must operate at data center speeds of 1Gbps or greater. Often this leads to the appliance potentially becoming a bottleneck. As sensor throughput speed increases, so does the associated cost.
Host based IPS solutions are software that is typically installed on the host that detects unauthorized or unwanted activity. These solutions typically inspect the host machine to determine the use and needs of that machine and then allow policy to be written for the specific machine. Often host based IPS solutions provide additional functionality such as web application firewall, file system integrity and other features.
Below are links to some popular solutions to this growing need.
Cisco IDSM-2
http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps5058/product_data_sheet0900aecd804b91d7.html
Cisco 4200 series IPS sensors
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/ps9157/product_data_sheet09186a008014873c_ps4077_Products_Data_Sheet.html
Cisco Security Agent
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/data_sheet_c78-458616.html
Trend Micro Deep Security

http://us.trendmicro.com/us/solutions/enterprise/security-solutions/virtualization/deep-security/

Author: Mike Lundy

Posted at Geeknick

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

Tagged with:

Filed under: Network Security

Like this post? Subscribe to my RSS feed and get loads more!