Introduction to NIPS - Network Intrusion Prevention System

April 17, 2007

Going beyond detecting intrusions and blocking services based on IPs and ports, we have NIPS. Network Intrusion Prevention Systems (NIPS) actively protect based on signature matches.  Unlike a firewall, a NIPS inspects traffic at a deeper level and can control that traffic by blocking it in a variety of ways, including sending resets.  Additionally, most NIPS products can handle and effectively control high-volume attacks that are meant to disrupt network services.  Even though NIPS products have been out for a few years, most large companies haven’t deployed them en masse because they must be deployed in line. This means the administrator must deploy them carefully and avoid configuring the NIPS in a way that causes disruptions.

Some of the popular NIPS vendors are listed as follows:

1. Fortinet ( http://fortinet.com/solutions/ips.html )

The Fortinet theme is to roll FW/VPN/web filtering/virus detection and NIPS into one package and sell it at different price levels.  This works for companies looking for a cost-effective solution. They seem to have a decent product on their hands.

2. IBM ISS ( http://iss.net/products/Proventia_Network_Intrusion_Prevention_System/product_main_page.html )

These guys have been around for a long time. They used to roll out their products on the Nokia platform and even Windows. Actually, their Network Sensor products still run on Windows. Anyway, they’re in appliance mode and they’ve got a product line called Proventia. Their Proventia GX product line is their newest, and this is where they sell their NIPS.  I’ve a lot of experience with their G400 product and it’s OK. It’s supposed to be able to push 400 Mbps, maybe only if you disable all the signatures and it’s failed open.  In any case, they’re a serious option for NIPS.

3. Juniper ( https://www.juniper.net/products_and_services/intrusion_prevention_solutions/ )

Probably the best NIPS solution to deploy in your enterprise core environment. You don’t want to stick a G400 or a Fortinet in the heart of your million-dollar network. I personally don’t have any experience with it, but that’s the news I hear.

There are lots more companies to consider. Perhaps the readers can contribute in the message logs.


