Running head: IPS 1

Intrusion prevention system (IPS)

Network intrusions are becoming the new norm for businesses. Phishing attacks affect almost all firms, cost economies more than $5.3 billion annually, and are argued to have the potential to grow to more than 9 billion US dollars in the coming years ("What is an intrusion prevention system (IPS)?," 2020). It is therefore the responsibility of intrusion tools such as the IPS and the IDPS to spot intruders in advance, before they cause severe damage.

An intrusion prevention system is a form of network security that detects and prevents identified threats. It continuously monitors the network, seeking out possible malicious incidents and capturing details about them (Pathan, 2014). The IPS reports the identified incidents to the system administrators and also implements preventive actions, which can include closing access points and configuring firewalls to prevent future attacks. IPS solutions are also useful for identifying issues with corporate policies and for deterring employees and unauthorized people from violating the rules those policies contain ("What is an intrusion prevention system (IPS)?," 2020).

One feature of the IPS is real-time packet inspection, in which it deeply inspects the packets traveling across the network. The IPS can also terminate a TCP session that has already been exploited, reconfigure firewalls to deter similar attacks in the future, and remove and replace malicious content that remains on the network after an attack.

Because a standard business network has a vast number of access points, it is critical to have a means of monitoring for signs of potential violations, incidents, and imminent security threats. Network threats are becoming increasingly complex and are now capable of infiltrating even the most secure networks ("9 top intrusion detection and prevention systems," 2018). The intrusion detection and prevention system (IDPS) comprises standalone physical and virtual appliances that inspect specified network traffic, both on the premises and in the cloud.

The IDPS is quite expensive in comparison to the IPS, since the two systems comprise different mechanisms. One factor that can justify the cost of the IDPS is that it uses two significant techniques to detect intrusions. The first is signature-based detection, which looks for the signs of well-recognized exploits (Blokdyk, 2019). The second is statistical anomaly-based detection, which compares observed network activity with what is viewed to be reasonable; when it finds aberrations, it raises alerts or takes preventive action. Unlike intrusion prevention systems, which can only detect attacks, the IDPS is also able to prevent them (Pathan, 2014). IDPS solutions can be both host-based and network-based.
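The two detection techniques described above, sketched as an added example (not code from this essay or from any cited product). The signature names and patterns, the event fields, the threshold, and the block-versus-alert policy are assumptions, and the baseline and events are constructed sample data.

```python
import re
import statistics

# Constructed signatures: hypothetical rule names and patterns, not a real rule set.
SIGNATURES = {
    "sql-injection": re.compile(rb"(?i)union\s+select"),
    "path-traversal": re.compile(rb"\.\./\.\./"),
}

def signature_match(payload):
    """Signature-based detection: names of known patterns found in the payload."""
    return [name for name, rx in SIGNATURES.items() if rx.search(payload)]

class AnomalyDetector:
    """Statistical anomaly detection: distance of a value from a learned baseline."""
    def __init__(self, baseline, threshold=3.0):
        self.mean = statistics.mean(baseline)
        self.stdev = statistics.stdev(baseline) or 1.0  # flat baseline: avoid dividing by 0
        self.threshold = threshold  # assumed cut-off, in standard deviations

    def score(self, value):
        return abs(value - self.mean) / self.stdev

def inspect(event, detector):
    """Return (action, reasons) for one event dict: src, payload, conn_per_min."""
    reasons = [f"signature:{s}" for s in signature_match(event["payload"])]
    z = detector.score(event["conn_per_min"])
    if z > detector.threshold:
        reasons.append(f"anomaly:conn_per_min z={z:.1f}")
    if any(r.startswith("signature:") for r in reasons):
        return "block", reasons   # assumed policy: known pattern is dropped
    if reasons:
        return "alert", reasons   # assumed policy: deviation alone only alerts
    return "allow", reasons

# Constructed data: connections per minute seen in normal operation, then three events.
BASELINE = [18, 22, 20, 19, 21, 23, 20, 17, 22, 18]
EVENTS = [
    {"src": "192.0.2.10", "payload": b"GET /index.html HTTP/1.1", "conn_per_min": 21},
    {"src": "192.0.2.44", "payload": b"GET /item?id=1 UNION SELECT 1,2", "conn_per_min": 19},
    {"src": "192.0.2.77", "payload": b"GET /health HTTP/1.1", "conn_per_min": 240},
]

def run():
    detector = AnomalyDetector(BASELINE)
    return [(e["src"], *inspect(e, detector)) for e in EVENTS]

if __name__ == "__main__":
    for row in run():
        print(row)
```

The third event carries no known pattern and is caught only by its deviation from the baseline, which is the case signature matching alone would miss.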

References

9 top intrusion detection and prevention systems. (2018, February 20). Retrieved from https://www.esecurityplanet.com/products/top-intrusion-detection-prevention-systems.html

Blokdyk, G. (2019). Intrusion prevention systems a complete guide - 2019 edition. 5starcooks.

Pathan, A. K. (2014). The state of the art in intrusion prevention and detection. CRC Press.

What is an intrusion prevention system (IPS)? (2020, March 24). Retrieved from https://www.forcepoint.com/cyber-edu/intrusion-prevention-system-ips