1 Next Generation Intrusion Prevention System

The network intrusion prevention system (IPS) appliance solution is composed of stand-alone appliances that inspects all network traffic that has passed through frontline security devices, such as firewalls, Web security gateways and email security gateways. IPS devices are deployed in line and perform full stream reassembly of network traffic. They provide detection via several methods — signatures, protocol anomaly detection, behavioral or heuristics. By being in-line, IPSs can also use various techniques to block attacks that are identified with high confidence. The capabilities of IPS products need to adapt to changing threats, and next-generation IPSs (NGIPSs) have evolved in response to advanced targeted threats evading first-generation IPSs.

Next-generation IPS (NGIPS) products are being put through their paces in real-world IT environments, the question is whether IPS will maintain its relevance in the enterprise or fade away as organizations put less emphasis on perimeter security and look to bundle similar feature in unified threat management and next-generation firewall deployments.


Why is it Important and relevant to an enterprise?

Security threats and attacks at the application layer are becoming more complex and more sophisticated. More than ever, you need to achieve the highest level of effective network intrusion security; it's critical to maintaining the high level of protection that keeps your business running.

Cyber attackers have access to some of the smartest people and sophisticated, clever attack tools and malware. In many respects, they appear to have the upper hand in the continuous battle against security countermeasures. Attackers employ armies of infected computers (known as bots or zombies) in botnets that launch massive, automated attacks that scan enterprises for vulnerabilities and exploit them, usually to steal information.

Increasingly, criminals, unscrupulous competitors, hacktivists and unfriendly nation states are launching targeted attacks against high-profile targets. Attackers breached security giant RSA, obtaining data to compromise its flagship SecurID authentication products. The so-called Aurora attacks successfully breached Google, Adobe and a number of other major companies.

The firewall is an important cornerstone of network security. Traditional firewalls are generally easy to operate and maintain, but are also relatively unsophisticated and therefore ineffective against many of todays advanced Internet threats. Because traditional firewalls aren't designed to inspect application content, an attack from an allowed IP address or port can often simply pass through a firewall.

Endpoint antimalware detects and blocks many attacks, but its effectiveness has decreased in the face of extremely sophisticated obfuscation techniques, polymorphism and the sheer volume of new malware - millions of unique samples every year.

Next generation IPS solutions provide flexible and modular security for defending your applications, networks and data from today's advanced persistent threats and high-profile attacks.


What benefits you derive by implementing this solution?

The IPS operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical. Appliance based IPS high performance and extraordinary intrusion prevention accuracy has redefined network security, and fundamentally changed the way people protect their organization. It is no longer necessary to clean up after cyber attacks have compromised network servers and workstations. No more ad-hoc and emergency patching and no more out of control, rogue applications like Peer-to-Peer and Instant Messaging running rampant throughout the network. Denial-of-Service (DoS) attacks that choke Internet connections or crash mission critical applications are a thing of the past. IPS solutions decrease IT security cost by eliminating ad-hoc patching and alert response, while simultaneously increasing IT productivity and profitability through bandwidth savings and protection of critical applications.

Key benefits of NX IPS System


Who does Hemayait represent to provision this technology?

The Mcafee Intrusion Prevention System (IPS) delivers the most powerful network protection in the world. The Mcafee IPS is an in-line device that is inserted seamlessly and transparently into the network. As packets pass through the IPS, they are fully inspected to determine whether they are legitimate or malicious. This instantaneous form of protection is the most effective means of preventing attacks from ever reaching their targets.

Mcafee Intrusion Prevention Systems provide intrusion Protection, Anomaly detection and reconnaissance  Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks.


To know more about TippingPoint CLICK HERE