What is network Intrusion Prevention?
Intrusion Prevention Systems (IPS) automatically detect and block malicious network and application traffic, while allowing legitimate traffic to continue through to its destination. An IPS must operate inline with minimal impact on network latency and be scalable to cope with the demands of a multi-gigabit network environment.

Why do I need an Intrusion Prevention System (IPS) if I currently have a Firewall and an Intrusion Detection System (IDS)?
Firewalls are typically deployed at the network perimeter. However, many attacks can easily bypass the perimeter and many are launched, sometimes inadvertently, from within the organization. For example, consider the following situations:
• An employee who logs on to the corporate network with a laptop computer that became infected while being used at home.
• A consultant who downloads malware from their corporate network while working at your facility and inadvertently spreads it onto your network.
• Remote users who log on using a virtual
A Network Intrusion Prevention System (IPS) is an in-line security appliance that inspects network traffic, identifying malicious, harmful, and/or unwanted network activity and blocking it. The inspection is performed in real time so that good network traffic can pass through the IPS without noticeable delay.