The IPS Myth buster: Part II

This blog is the second part of a two part series on IPS. The purpose of this blog is to provide a high level overview of what:

  • The myths and misconceptions of IPS are
  • Solutions are out there
  • Equilibrium can do to help

If you missed the first part of the IPS series then please:

Click Here

There are a couple of main myths that are encountered when talking to people about IPS/IDS systems.

What are the myths?

Myth #1 – Anti-Virus will do the job

Whilst we think it’s fantastic that people are knowledgeable about Anti-Virus and have it deployed, it is only part of the solution. Having an IPS/IDS solution is not a cue to un-install anti-virus, these two solutions should be part of a multi-faceted defence strategy.

IPS/IDS solutions protect your network at the boundary, meaning the virus should never get as far as being downloaded on to your computer. An anti-virus will only work when the virus is already in and running. Even then, it can only protect against what it already knows and with nearly 1 million new viruses being created and seen every day anti-virus solutions need constant maintenance and upkeep.

Myth #2 – We don’t have anything worth stealing

This is a misconception of many companies especially SME’s, the reality is every business has a certain amount of data worth stealing or intercepting. From bank account logins to customer details, this information can be useful to a hacker whether it be to hold the data to ransom, or post it on the internet for your competitors to read.

One of the biggest threats facing businesses at the moment is CEO Fraud. This is where an impostor pretends to be a CEO or CFO for financial gain. The small bits of data gained from a company can be used to build up a picture of the organisation in an attempt to conduct this fraud.

Information that can be useful for an attacker include:

  • Emails – Emails can provide a template for an attacker to send a phishing email. They can also show the language used which can be mimicked by an attacker
  • Customer List – Customers contact details are sensitive. If an attacker gains these, you could be in breach of the Data Protection Act and be subject to a fine. It can also be used to send out phishing emails to customers in an attempt to gain further details about them
  • Internal Passwords – To access protected internal documents and systems

What Solutions are available?

Every security vendor worth their salt now has an offering of IPS or Next Generation Firewall. Every year, Gartner release their Magic Quadrant of IPS and Next Generation Firewall vendors, which aims to provide an independent overview of who the major companies are and what the general perception and experience is from customers. The following are the main vendors recognised by Gartner.

  • Check Point
  • Fortinet
  • Cisco
  • Palo Alto
  • Juniper
  • Dell SonicWall
  • McAfee
  • WatchGuard
  • F5

Each have their own respective advantages and disadvantages much like any technology and picking the right one for you is not a quick process. The graphs below show Gartner’s evaluation of the major Next Generation Firewall / IPS vendors. As the NGFW technology improves, IPS is increasingly being integrated and the amount of vendors solely focussing on standalone sensors is falling.

What Equilibrium Can Do to Help?

Equilibrium Security has a proven track record of assisting companies of all sizes in building their security roadmap and providing security solutions.

A lot of companies are starting to realise that Cyber Security should not be an afterthought to their business processes, but should be at the core of everything they do and we aim to integrate these solutions as seamlessly as possible.

Equilibrium Security’s IPS/IDS solutions are based on the most advanced threat protection systems available, encompassing application control, URL filtering capability and advanced malware protection, amalgamating many different threat prevention features and ultimately reducing operating costs without compromising data security in a single solution.

We have many customers who do not have an internal IT team who need a complete end-to-end solution where we design, implement and manage for them. However, there are customers who have internal IT teams who can respond to alerts from their IPS/IDS solutions but require assistance in implementing them.

Here are some of the organisations we have implemented IPS solutions for:

  • National Sports Retailer
  • Multiple Police Constabularies
  • National Clothing Retailer
  • Multiple Multi-National Financial Organisations
  • Law Firms
  • Accountancies
  • NHS Trusts
  • National Energy Provider

Whatever your situation, we can provide added-value for any security project as we are vendor independent, we can listen to your requirements and recommend you the best solution for your needs.

Contact Us