Next-Gen Intrusion Detection and Prevention
This chapter provides details about Cisco’s Firepower next-generation intrusion prevention system (NGIPS). An NGIPS can stop the exploits, vulnerabilities, and threats used by most attacks. This chapter explores the differences between legacy intrusion prevention systems (IPSs) and NGIPSs, placement of NGIPSs, the appliances that can be used, and the configuration and operations available. You will learn how to create signatures, policies, and rules, as well as how to tune those signatures for an organization, using dashboards, the Context Explorer, reporting, and rules.
In 2013, Cisco acquired Sourcefire to expand its capabilities around continuous advanced threat protection. ...