What are the essential characteristics of an IPS?
These are the essential characteristics of a good IPS device: a. Block known and unknown (including zero-day) attacks. b. Never block legitimate traffic even when under attack. c. Since it operates inline, it must be a resilient hardware solution that will not be a single point of network failure. d. Not reliant on signatures as the primary form of defense (a method adopted by IPS products that spawned from IDS technologies that are susceptible to false positives). e. Not add any discernable latency under extreme load or attack, since this will negatively impact business users. f. Rapid configuration for immediate protection with minimal ongoing operational maintenance. g. Access to a centralized management solution that has meaningful reporting capabilities. h. As network capacity and performance increases over time, the IPS solution must be scaleable inline with those requirements. i. Cope with new advanced types of security threats in the future. j. Provide relevant data for forensi
