Chapter 6

Next-Gen Intrusion Detection and Prevention

This chapter provides details about Cisco’s Firepower next-generation intrusion prevention system (NGIPS). An NGIPS can stop the exploits, vulnerabilities, and threats used by most attacks. This chapter explores the differences between legacy intrusion prevention systems (IPSs) and NGIPSs, placement of NGIPSs, the appliances that can be used, and the configuration and operations available. You will learn how to create signatures, policies, and rules, as well as how to tune those signatures for an organization, using dashboards, the Context Explorer, reporting, and rules.

NGIPS Overview

In 2013, Cisco acquired Sourcefire to expand its capabilities around continuous advanced threat protection. ...

Get Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security, First edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.