Chapter 11. Intrusion Prevention Systems
The material in this chapter is the basis for the “Intrusion Prevention System” chapter in the SANS Institute course, “SANS Security Leadership Essentials,” and is used here with the permission of the SANS Institute.
Though intrusion prevention system (IPS) began life as a marketing term, IPS is one of the fastest changing areas in perimeter protection. As an active defense measure, IPS gives us more options in our primary Internet/intranet perimeter as well as the ability to extend perimeter defenses across the internal switches and host systems. In this chapter you will see how the IPS concepts we discussed in Chapter 1, “Perimeter Security Fundamentals,” and Chapter 8, “Network Intrusion Detection,” ...