Intrusion Prevention Resource Guide
|"When properly tuned, IPSs can surgically prevent 'bad' traffic while simultaneously minimizing the potential of needlessly impeding traffic that is benign, or worse, instrumental to the smooth operation of the business." |
- Mark Bouchard, Missing Link
| See more like this in Intrusion Prevention Expert Quotes |
|Guide to Computer Network Security |
Intrusion Detection and Intrusion Prevention defined:
- Intrusion detection is a technique of detecting unauthorized access to a computer system or a computer network.
- An intrusion into a system is an attempt by an outsider to the system to illegally gain access to the system. Intrusion prevention, on the other hand, is the art of preventing an unauthorized access of a system's resources.
- The two processes are related in a sense that while intrusion detection passively detects system intrusions, intrusion prevention actively filters network traffic to prevent intrusion attempts.
|- Joseph Kizza, The University of Tennessee at Chattanooga |
| See more like this in Intrusion Prevention Defined |
|Network Intrusion Prevention Systems |
A must-read Resource that describes network-based intrusion detection/prevention systems (NIDS) so the reader can define the criterion in selecting an intrusion detection system. Highly recommended. From the Resource:
"NIDS systems are designed to examine network traffic to identify threats by detecting scans, probes, and attacks. One of the goals of intrusion detection is to assist the user in ensuring that the systems can handle those threats properly. A NIDS receives all packets in a particular network segment, including switched networks via one of several methods, such as taps or port mirroring. It carefully reconstructs the streams of traffic to analyze them for patterns of malicious behavior.."
|- Judy Weng and Glen Qin, Northwestern Polytechnic University |
| See more like this in Intrusion Prevention Explored |