The State Of Intrusion Prevention
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View The State Of Intrusion Prevention as PDF for free.
More details
- Words: 272
- Pages: 10
The state of Intrusion Prevention Simon Perry - Principal Associate Analyst [email protected] Twitter: 140letters1idea www.quocirca.com [email protected] Twitter: Quocirca © 2009 Quocirca Ltd
MSSP HIPS
NIPS
© 2009 Quocirca Ltd
The
good, the
ugly
What do we need today?
IDS
What have we learned?
How did we get here?
Agenda
Does IPS have a future?
The evolution of IDS need IP everything
Root cause analysis
NW based attacks
NIDS
Forensics
© 2009 Quocirca Ltd
Malware vectors
The evolution of IDS need IP everything
Root cause analysis
NW based attacks
NIDS Zero day
Forensics
Malware vectors
HIDS
Application level attacks © 2009 Quocirca Ltd
Blended malware
Issues
Observe only Skills
Scalability
xIDS © 2008 Quocirca Ltd
Misfires
Prevention versus detection
Detect
• Signature • Heuristics
Report
xIPS © 2009 Quocirca Ltd
• Forensics • Root cause
• Block Action
• Remediate • Retaliate
Virtualisation challenges for NIPS
Vnetwork
Workload migration
migration Internal cloud(s)
External cloud provider(s)
Private cloud
Virtualisation adds some special challenges to network intrusion prevention © 2009 Quocirca Ltd
7 core NIPS challenges
NIPS
© 2009 Quocirca Ltd
Does NIPS have a future?
© 2009 Quocirca Ltd
About Quocirca Quocirca is a leading primary research and analysis company with native language research capabilities across the whole of Europe, along with North America and the Asia Pacific region. Through its hard fought for independence, Quocirca is not beholden to any one vendor. Therefore, its advice is free from vendor bias and is based purely on the analysis of the primary research it carries out, combined with the broad knowledge and analytical capabilities of its highly experienced team of analysts.
© 2009 Quocirca Ltd
MSSP HIPS
NIPS
© 2009 Quocirca Ltd
The
good, the
ugly
What do we need today?
IDS
What have we learned?
How did we get here?
Agenda
Does IPS have a future?
The evolution of IDS need IP everything
Root cause analysis
NW based attacks
NIDS
Forensics
© 2009 Quocirca Ltd
Malware vectors
The evolution of IDS need IP everything
Root cause analysis
NW based attacks
NIDS Zero day
Forensics
Malware vectors
HIDS
Application level attacks © 2009 Quocirca Ltd
Blended malware
Issues
Observe only Skills
Scalability
xIDS © 2008 Quocirca Ltd
Misfires
Prevention versus detection
Detect
• Signature • Heuristics
Report
xIPS © 2009 Quocirca Ltd
• Forensics • Root cause
• Block Action
• Remediate • Retaliate
Virtualisation challenges for NIPS
Vnetwork
Workload migration
migration Internal cloud(s)
External cloud provider(s)
Private cloud
Virtualisation adds some special challenges to network intrusion prevention © 2009 Quocirca Ltd
7 core NIPS challenges
NIPS
© 2009 Quocirca Ltd
Does NIPS have a future?
© 2009 Quocirca Ltd
About Quocirca Quocirca is a leading primary research and analysis company with native language research capabilities across the whole of Europe, along with North America and the Asia Pacific region. Through its hard fought for independence, Quocirca is not beholden to any one vendor. Therefore, its advice is free from vendor bias and is based purely on the analysis of the primary research it carries out, combined with the broad knowledge and analytical capabilities of its highly experienced team of analysts.
© 2009 Quocirca Ltd
Related Documents
The State Of Intrusion Prevention
May 2020 1
Intrusion Prevention System
June 2020 0
Intrusion
April 2020 5
The Intrusion Of Jimmy - Notepad
November 2019 7
State Of The State Cover
April 2020 38