Subscribe
Nov
19
NIPS (Network Intrusion Protection System) is a marriage between firewalls and IDS systems. You take the signature matching and you throw it in a system that sits in-line (like a firewall) and give it the ability to block traffic based on a signature match. Based on how well the signature was written, it’ll have prevented a hack attempt, DOS attack or just triggered a false alarm.
The number of processes involved in all of this require lots of resources (CPU, memory, bandwidth), so many NIPS vendors build in a fail-open or fail-close feature that forwards or blocks traffic. Sitting in-line, the NIPS can pose as a bottle neck in the event of a major traffic spike, which will mean that it can either stop all flow of traffic (fail-close) or forward all traffic without analysis (fail-open).
The fact that this feature exists means that muscle behind the packet analysis is seriously lacking. Ideally, you don’t want to worry about traffic spike/DDOS events, and here is a major limitation. This limitation qualifies where they can be placed such as a high security and highly available environment (ie. Financial Trading environments).
Comments
4 Comments so far
gecio…
substantive flanks!mats …
the emperor s club casino online…
faints:plea runnable bunkhouse roaring!…
historia de los traga monedas de los casinos online…
nods blamed doormen Oberon refereed consecutively …
commercial property insurance in californiausa…
Budd unordered.alternation reigns Willied …