Networks today have grown both in size and complexity while the environment has remained highly exposed and vulnerable. Because of the evolving network landscape, networks require a security solution that works throughout the network in collaboration with all the network devices, servers, and endpoints within the network.
There are several challenges for securing modern-day networks to provide in-depth defense:
Security incidents and evolving threats are on the rise and are increasing exponentially.
The complexity and sophistication of malicious codes and network exploits continues to rise.
The potential impact resulting from these attacks is significant.
Multiple technologies are working together, in contrast to the point products deployed independently in the past.
The Cisco Network Intrusion Prevention solution is an integral part of the Cisco Self-Defending Network strategy that provides network intelligence to identify and prevent malicious traffic including network viruses, worms, spyware, adware, and application abuse. The solution offers comprehensive threat prevention and protection for a wide range of network intrusions and attacks.
The Cisco Network-based Intrusion Prevention solution protects the network from policy violations, vulnerability exploitations, and anomalous activity through detailed inspection of traffic at Layers 2 through 7, across the entire network.
Table 20-1 lists the various Cisco Network-based Intrusion Prevention solutions available on various platforms.
The following sections will briefly highlight the features and provide an overview of Cisco network-based IPS solutions.