The State Of Intrusion Prevention

  • May 2020
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View The State Of Intrusion Prevention as PDF for free.

More details

  • Words: 272
  • Pages: 10
The state of Intrusion Prevention Simon Perry - Principal Associate Analyst [email protected] Twitter: 140letters1idea www.quocirca.com [email protected] Twitter: Quocirca © 2009 Quocirca Ltd

MSSP HIPS

NIPS

© 2009 Quocirca Ltd

The

good, the

ugly

What do we need today?

IDS

What have we learned?

How did we get here?

Agenda

Does IPS have a future?

The evolution of IDS need IP everything

Root cause analysis

NW based attacks

NIDS

Forensics

© 2009 Quocirca Ltd

Malware vectors

The evolution of IDS need IP everything

Root cause analysis

NW based attacks

NIDS Zero day

Forensics

Malware vectors

HIDS

Application level attacks © 2009 Quocirca Ltd

Blended malware

Issues

Observe only Skills

Scalability

xIDS © 2008 Quocirca Ltd

Misfires

Prevention versus detection

Detect

• Signature • Heuristics

Report

xIPS © 2009 Quocirca Ltd

• Forensics • Root cause

• Block Action

• Remediate • Retaliate

Virtualisation challenges for NIPS

Vnetwork

Workload migration

migration Internal cloud(s)

External cloud provider(s)

Private cloud

Virtualisation adds some special challenges to network intrusion prevention © 2009 Quocirca Ltd

7 core NIPS challenges

NIPS

© 2009 Quocirca Ltd

Does NIPS have a future?

© 2009 Quocirca Ltd

About Quocirca Quocirca is a leading primary research and analysis company with native language research capabilities across the whole of Europe, along with North America and the Asia Pacific region. Through its hard fought for independence, Quocirca is not beholden to any one vendor. Therefore, its advice is free from vendor bias and is based purely on the analysis of the primary research it carries out, combined with the broad knowledge and analytical capabilities of its highly experienced team of analysts.

© 2009 Quocirca Ltd

Related Documents