PERFORMANCE: IPS devices should not interfere with the flow of network traffic. Successful IPS solutions operate transparently in-line on the network and must be highly reliable with a long mean time between failure. They must keep latency to a minimum and be scalable to a large number of users and a high volume of traffic.

PROTECTION: Accurate, preemptive protection requires multiple identification and analysis methods to avoid false positives and false negatives. To identify traffic, an IPS must use techniques including port assignment, heuristics, port following and protocol tunneling recognition. Once the traffic has been identified, it must be analyzed using methods that include protocol analysis, RFC compliance checking, TCP reassembly, flow assembly/simulation, statistical threshold analysis and pattern matching.

RESEARCH: IPS solutions require rich security content from up-to-the-second proactive and reactive research covering both threats and vulnerabilities. Global event monitoring in worldwide security operations centers evaluates Internet traffic 24/7 for anomalies that could signify attacks. Information sharing with other research organizations, government entities and industry consortiums enhance the level of research collected.

Only Internet Security Systems Proventia Intrusion Prevention Appliances offer this combination of tools necessary to shield vulnerabilities from dynamic online threats and keep you ahead of the threat.

Author:


About the Author:
Christopher Rouland is the Chief Technology Officer (CTO) for Internet Security Systems, Inc. Rouland is responsible for guiding the company's overall technology strategy with a commitment to developing products and services that preemptively protect organizations from cyber threats. Rouland has 14 years of valuable experience in information technology including vice president of X-Force R&D, software developer, network architect, and vice president of Distributed Technology for Lehman Brothers, Inc.

Sponsor:
Internet Security Systems