intrusion prevention
Home > Security Definitions - Intrusion prevention
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

intrusion prevention

Show me everything on Network Intrusion Prevention (IPS)

DEFINITION - Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly. Like an intrusion detection system (IDS), an intrusion prevention system (IPS) monitors network traffic. However, because an exploit may be carried out very quickly after the attacker gains access, intrusion prevention systems also have the ability to take immediate action, based on a set of rules established by the network administrator. For example, an IPS might drop a packet that it determines to be malicious and block all further traffic from that IP address or port. Legitimate traffic, meanwhile, should be forwarded to the recipient with no apparent disruption or delay of service.

According to Michael Reed of Top Layer Networks, an effective intrusion prevention system should also perform more complex monitoring and analysis, such as watching and responding to traffic patterns as well as individual packets. "Detection mechanisms can include address matching, HTTP string and substring matching, generic pattern matching, TCP connection analysis, packet anomaly detection, traffic anomaly detection and TCP/UDP port matching."

Broadly speaking, an intrusion prevention system can be said to include any product or practice used to keep attackers from gaining access to your network, such as firewalls and anti-virus software.

Learn more about Network Intrusion Prevention (IPS)
Network intrusion prevention systems: Should enterprises deploy now?: SearchSecurity.com's network security expert Mike Chapple explains why the more IPSes "change," the more they stay the same.
Lesson 1 quiz: Risky business: How much did you learn about enterprise wireless security from lesson one? Find out how much you retained.
Lesson 4: How to use wireless IPS: In Lesson 4 of Wireless Security Lunchtime Learning, you'll walk away with an understanding of the value of wireless IPS -- even if your organization doesn't support a WLAN.
Hacker attack techniques and tactics: Understanding hacking strategies: This guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about hacker techniques and various tactics you can employ to protect your ...
Network-based attacks: The second tip in our series, "How to assess and mitigate information security threats".
Snyder On Security: An insider's guide to the essentials: Joel Snyder, senior partner with consultancy Opus One, provides an in-depth look at information security trends and technologies.

LAST UPDATED: 29 May 2007

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- SearchNetworking.com offers an article by Michael Reed about intrusion prevention.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Aligning network security with business priorities
Too often, network security administrators have their security budget requests nixed by executives because they weren't able to align their requests...
Best Intrusion Prevention and Detection Products
Readers vote on the best intrusion prevention/detection products, including network-based IDP appliances, using signature-, behavior-, anomaly- and...
Port scan attack prevention best practices
While it's impossible to prevent against all port scanning attacks, there are best practices for port scanning security (such as a port scanning...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Diffie-Hellman key exchange  (SearchSecurity.com)
Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to...
network behavior analysis  (SearchSecurity.com)
Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or...




Get More intrusion prevention Answers
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2010, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts