-- PAGE 3 --
Intrusion Prevention Systems – A Review cont...
The IPS Mechanism
When discussing Intrusion Prevention Systems, there is a formula that is commonly used:
IPS = IDS + Firewall
While this formula provides a useful means of conceptualizing the basic make-up of an Intrusion Prevention System, it is also a simplistic model, concentrating upon form over substance, and more explanation is needed.
A firewall is a system which applies an access control policy. It checks data traffic passing through, and blocks data packets which do not match its security policies. An Intrusion Detection System (IDS) monitors network or system performance, looks for behavior contrary to its security policies and recognizable attack signatures, and it triggers alarms accordingly. So, a firewall rejects obvious attacks, while suspicious traffic will pass through. In turn, the IDS monitors all the data within the network, notifying the network administrator of attacks at a point where the attack is actually live and inside the network. In other words, neither the IDS nor the firewall is capable of blocking attacks themselves at the point at which an intrusion is identified.
The IPS then, is something more than an IDS plus a firewall. The IPS is designed as an embedded system which creates plenty of filters to prevent different kinds of attacks, such as those from hackers, worms, viruses, DoS and other malicious traffic, in advance so that enterprise networks do not suffer any loss even if the latest security patch has not yet been applied. The deployment of an IPS is based upon an “in-line” module: data passes through the IPS device from one end of a single data channel, only the data that is checked and validated by IPS engine, is allowed to pass through to the other end of the data channel. In this scenario, packets containing attack signatures along with their source packets are cleaned out of the network.
Figure 2
-- PAGE 3 --
Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Glossary | References
Xuhua Ji, September 2007
(You are free to reproduce any of the information in this article or part thereof, so long as the byline remains intact and a link is provided back to this page)
add to del.icio.us
0870 393 0044
free articles
- Internet marketing tips - onsite SEO (pdf opens in a new window) read more >>
- Email messaging services and protocols (pdf opens in a new window) read more >>
- Search engine optimisation: an integrated approach (opens in a new window) read more >>
- How to find a good web designer or eCommerce provider - read more >>
- How to keep old computers out of landfill - read more >>
- How enterprises can save money on software licenses - read more > >
- More green computing tips for businesses - read more > >
- How to find a domain name - read more > >
- how to find a web hosting package - read more > >
- IPSs- an intro read more > >
free links
- free technical resource links read more > >
- list of free business directories read more > >