Intrusion Prevention Systems – IPS
What is it?
The main functions of an Intrusion Prevention System (IPS) are to monitor network traffic, identify malicious activity, log information about this activity and attempt toblock/stop it. In general, IPS is an active security solution. However, there are passive (IDS) and active IPS systems. In a passive system, called Intrusion Detection Systems (IDS), the IDS detects a potential violation of security policies, records the information (log), and triggers an alert. In an active system, the IPS responds to suspicious activity, by ending a user session or re-programming the firewall to block network traffic from a suspected malicious source.
Protect your organization’s network against SQL Injection, vulnerability exploitation, XSS (Cross-Site Scripting) and emerging threats. BLOCKBIT UTM has an advanced IPS module that contains millions of signatures maintained by our Intelligence Lab Team that continuously updates the IPS engine. These signatures are organized in over 30 different categories, including OS (Windows, Linux, Solaris, etc), Protocols (TCP, UDP, TFTP, RPC, POP, IMAP, etc), Servers (IIS, Apache, MSSQL, MySQL, Oracle, Samba, DNS, etc), and others, blocking the attacks before getting into your operation systems or services. Additionally, the administrator has complete freedom to establish IPS policies oriented to each asset in the network through BLOCKBIT compliance rules, significantly reducing false positives.