Networks today are increasingly vulnerable to hostile attacks and to infections such as viruses and worms that spread rapidly, crippling the entire network. With this growing threat, networks need to be designed and equipped with sophisticated intelligence to diagnose and mitigate these threats in real time.
The Cisco Intrusion Prevention System (IPS) offers networkwide protection, providing self-defending solutions and threat protection through pervasive network integration. IPS defeats threats from multiple vectors and provides extensive behavioral analysis, anomaly detection, security policies, and rapid threat-response techniques.
Cisco IPS is a comprehensive and proactive threat-prevention solution that provides end-to-end, day-zero protection of your network.
The chapter began with a basic overview of network intrusion prevention systems, followed by a comprehensive overview of the network-based Cisco IPS solutions. The chapter listed the various types of Cisco network-based intrusion prevention solutions.
The chapter examined the core concepts of the Cisco IPS Sensor OS Software, such as the sensor system architecture, sensor communication protocols, signatures and signature engines, IPS events and event actions, IPS virtualization, and load-balancing techniques.
The chapter also provided basic deployment guidelines for IPS placement in network scenarios, along with sample configurations for implementing IPS solutions in a network environment.