Why do I use an IPS (Intrusion Prevention System)?
IPS stands for Intrusion Prevention System and is an important part of security in a computer network. It is used to prevent attacks from excessive traffic or malware. To do this, an algorithm monitors the data traffic in the network and examines it for anomalies. If anomalies are detected, the corresponding traffic is blocked.
Intrusion prevention systems work with databases to identify attacks on the network. These are filled with known patterns of malicious attacks on computer systems so that they can be detected if they penetrate the network. The data traffic is always monitored at the entrance and exit of the individual network components such as servers, computers or routers. Such an intrusion prevention system is also referred to as a NIPS, a network-based intrusion prevention system. The system is used in the data lines and not in the individual components. In contrast to this, there is the Host Based Intrusion Prevention System. This system monitors the data traffic in the individual computers in a network. The reason for this is that attacks on networks usually find their way via computers. For example, an e-mail containing malware is opened on an employee’s computer in the network. From here it makes its way through the network. The HI is used to prevent the malware from escaping from the affected computer.
An intrusion prevention system is offered by software companies. Usually, these companies provide constant updates in addition to pre-packaged software. This enables the detection of completely new types of attacks by equipping the database with new algorithms. The more up-to-date the intrusion prevention system, the higher the protection.
You can find more information about IPS here.
If you are interested in centron protection, use our cProdect.