
Part IV: Security Monitoring

Chapter 20: Network Intrusion Prevention
Chapter 21: Host Intrusion Prevention
Chapter 22: Anomaly Detection
Chapter 23: Security Monitoring and Correlation

Chapter 20. Network Intrusion Prevention

Today, viruses, worms, and other malicious code and programs proliferate widely on the Internet. As the environment becomes increasingly hostile, networks are easy targets because an infection can spread across them rapidly. To meet this growing threat, networks need to be designed and equipped with sophisticated intelligence to diagnose and mitigate threats in real time.

Cisco Network Intrusion Prevention provides self-defending solutions that offer networkwide protection and mitigation techniques. It has the intelligence to accurately detect, analyze, classify, and mitigate malicious traffic in real time, offering comprehensive protection against a wide range of network intrusions and attacks.

This chapter discusses the various types of Cisco network-based intrusion prevention solutions and takes a closer look at core concepts such as sensor architecture, packet analysis, signatures and signature engines, deployment scenarios, and high-availability and load-balancing techniques.

Intrusion System Terminologies

The following list outlines the major intrusion system technologies:

Note

The Cisco Intrusion Prevention System (IPS) Sensor Software supports both IPS and IDS technology combined in a single box. This chapter covers mainly the IPS technology features.

