- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Intrusion Prevention Systems- Security's Silver Bullet?
- Abstract
- Presently available network security components like Firewalls, Anti-Virus programs and Intrusion Detection Systems (IDS) cannot cope with the wide range of malicious attacks and zero day exploits on computer networks and systems. Multi-exploit worms like Nimda, Trojan horses, and polymorphic viruses are penetrating defenses, causing downtime and huge financial loss to businesses. "Script kiddies" can create malicious code with tools like Fragrouter and ADMutate. This paper takes a look at Intrusion Prevention Systems (IPS), preceded by a history of network security components that fortify our networks. An understanding of Firewalls, Anti-Virus programs, and IDS is important, before moving onto IPS. With the proliferation of sophisticated attacks and the discovery of new vulnerabilities, new methods are needed to protect precious data and network resources. IPS use a new proactive approach that stops the hackers (black hats) before they can do damage. Host and Network based IPS are now commercially available and more are to come in the next few months. Could IPS help secure our network and critical business assets? This paper probes into the technology behind these systems, why we need them, how they function, their pros and cons, and some highly rated products.