intrusion prevention

According to Michael Reed of Top Layer Networks, an effective intrusion prevention system should also perform more complex monitoring and analysis, such as watching and responding to traffic patterns as well as individual packets. "Detection mechanisms can include address matching, HTTP string and substring matching, generic pattern matching, TCP connection analysis, packet anomaly detection, traffic anomaly detection and TCP/UDP port matching."

Broadly speaking, an intrusion prevention system can be said to include any product or practice used to keep attackers from gaining access to your network, such as firewalls and anti-virus software.

Read more about intrusion prevention: - SearchNetworking.com offers an article by Michael Reed about intrusion prevention. - SearchSecurity.com includes links about intrusion prevention in its Best Web Links for intrusion detection.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT What security risks do enterprise honeypots pose? Honeypots can provide a great deal of insight into an environment's attack activity. However, before implementing them, there are some significant... What are the benefits of 'in-the-cloud' network security services? Services offered 'in the cloud' range from managed firewalls to intrusion detection/prevention services (IDS/IPS) to antispam/antivirus filtering. In... What is a 'top-down' IPS sensor search? If you're a firewall guru, you're probably familiar with the "top-down" signature matching approach. In this expert Q&A, Mike Chapple explains how IPS...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Diffie-Hellman key exchange  (SearchSecurity.com) Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to... network behavior analysis  (SearchSecurity.com) Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or...