Do you use Network Intrusion Prevention Systems?

Last updated by KaiqueBiancatti over 4 years ago.See history

Network Intrusion Prevention Systems (IPS) can assist with network security by automatically detecting network attacks and stopping them before they become an issue.

Most business firewalls have some sort of IPS/IDS system built into them. Cisco has FirePower and PfSense has Snort. Both will assist in watching for suspicious activity and DDoS attacks, blocking traffic where necessary.

Both FirePower and Snort can get automatic updates from the internet so they remain at the forefront of new emerging attack strategies, so it is important to ensure that the associated module has internet access to remain up to date.

Depending on your environment you may want to enable inspection of all traffic, however this may slow data transfer, but it may be important depending on the data your company is dealing with. Otherwise it is recommended that WAN to LAN traffic is being inspected only.

We open source. Powered by GitHub