The IPS myth buster

This blog is the first part of a two-part series on IPS. The purpose of this blog is to provide a high-level overview of what:

  • IPS/IDS systems are, including the differences between them
  • The benefits of using these solutions are
  • Equilibrium can do to help

IPS and IDS are acronyms that are used interchangeably within IT security, with many people not actually knowing what they do. Without fully understanding what they do and how beneficial they are, it’s hard to justify implementing them.

What do they do and what’s the difference between them?

IPS and IDS solutions are put in place to prevent malicious traffic from reaching the critical areas of the IT infrastructure. From Equilibrium’s perspective, IPS and IDS systems are differentiated by the actions taken against suspected malicious attacks.

IDS: Intrusion Detection System

An Intrusion Detection System can be compared to a CCTV solution: it will monitor and report, but it will not intercept or modify the traffic in any way.

  • Detects suspected malicious activity & provides detailed alerts
  • Operates out of line of data streams
  • Action taken against malicious activity is retrospective
  • No impact to throughput
  • Will never block data, so a false positive can never result in legitimate traffic being blocked

IPS: Intrusion Prevention System

In comparison, an Intrusion Prevention System is like border control: it will intercept and modify traffic based on an access-list of allowed and blocked traffic.

  • Detects and blocks malicious activity
  • Operates in the path of data streams
  • Action taken against malicious activity is in real time before sensitive data is exposed
  • Devices configured to match required throughput
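
The two lists above, as an added example (not Equilibrium's code or any product's engine): the same constructed signature set is run out of line (IDS) and in line (IPS) over constructed requests, one of which is a benign forum post that happens to match a signature. The signatures, function names and traffic are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed signatures for illustration; not taken from any real rule set.
SIGNATURES = {
    "sqli-union": re.compile(r"union\s+select", re.I),
    "path-traversal": re.compile(r"\.\./\.\./"),
}

@dataclass
class Result:
    delivered: list = field(default_factory=list)  # packet ids that reached the server
    alerts: list = field(default_factory=list)     # (packet id, signature name)
    dropped: list = field(default_factory=list)    # packet ids blocked in line

def match(payload):
    """Return the names of all signatures the payload triggers."""
    return [name for name, rx in SIGNATURES.items() if rx.search(payload)]

def inspect(traffic, inline):
    """Run one detection engine as an IDS (inline=False) or an IPS (inline=True)."""
    res = Result()
    for pkt_id, payload in traffic:
        hits = match(payload)
        res.alerts += [(pkt_id, h) for h in hits]   # both modes raise the alert
        if hits and inline:
            res.dropped.append(pkt_id)    # IPS: in the path, request never arrives
        else:
            res.delivered.append(pkt_id)  # IDS: inspects a copy, original is delivered
    return res

# Constructed sample traffic: (packet id, request summary).
TRAFFIC = [
    (1, "GET /products?id=7 HTTP/1.1"),
    (2, "GET /products?id=7 UNION SELECT user,pass FROM accounts HTTP/1.1"),
    (3, "GET /static/../../etc/passwd HTTP/1.1"),
    (4, "POST /forum/reply body='How does UNION SELECT work?'"),  # benign, but matches
]

if __name__ == "__main__":
    for mode, inline in (("IDS", False), ("IPS", True)):
        r = inspect(TRAFFIC, inline)
        print(mode, "alerts:", r.alerts, "delivered:", r.delivered, "dropped:", r.dropped)
```

In IDS mode every request is delivered and three alerts wait for later review; in IPS mode the two malicious requests and the benign forum post are all dropped. This is why inline signatures are normally tuned in alert-only mode before blocking is enabled.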

Being able to understand alerts from any such system, whether IPS or IDS, is the key to an effective stance against intrusion attempts and malicious software.

At present, less than 40% of enterprise Internet connections are secured using next-generation firewalls (NGFWs). Gartner predicts that this will rise to at least 85% of the installed base by the end of 2018, as more enterprises realise the benefits of application and user control (Gartner Magic Quadrant Report for NGFW – 2015).

Who would benefit from using them?

If you have a business that has any kind of IT infrastructure, you should be using an IPS or IDS solution.

What would happen if:

  • Your business, and the day-to-day running of it, were hit with a companywide virus?
  • Your main data storage computer was hacked into and the files released on the internet?

How much would that cost you in lost revenue and lost customer confidence? Would it stop your business trading until it is rectified? Would you incur fines for the breach?

These questions are not scare tactics; they are the unfortunate reality. Companies are being hit every single day, and data is being ransomed and released every day.

There have been a lot of recent cases where organisations such as police forces and hospitals have come under attack from ransomware. The normal method of attack for these types of viruses is through email and website ads. These attacks have cost these organisations thousands of pounds, both in ransom payments and in the clean-up operation.

In February 2016, a Los Angeles hospital paid $17,000 to restore their files following a ransomware attack. Recently a Bangladesh bank was hacked to the tune of almost $80Bn; one of the reasons for this hack was that they were utilising inferior equipment and did not have an IPS/IDS solution in place.

What Equilibrium Can Do to Help?

Equilibrium Security’s IPS/IDS solutions are based on the most advanced threat protection systems available, encompassing application control, URL filtering capability and advanced malware protection. They amalgamate many different threat prevention features in a single solution, ultimately reducing operating costs without compromising data security.

Whatever your situation, we can provide added value for any security project. As we are vendor independent, we can listen to your requirements and recommend the best solution for your needs. Please come back next week for part two of this series, where we will tackle common myths that are out in the marketplace and what solutions are available to businesses.
