Chapter 6

Next-Gen Intrusion Detection and Prevention

This chapter provides details about Cisco’s Firepower next-generation intrusion prevention system (NGIPS). An NGIPS can stop the exploits, vulnerabilities, and threats used by most attacks. This chapter explores the differences between legacy intrusion prevention systems (IPSs) and NGIPSs, placement of NGIPSs, the appliances that can be used, and the configuration and operations available. You will learn how to create signatures, policies, and rules, as well as how to tune those signatures for an organization, using dashboards, the Context Explorer, reporting, and rules.

NGIPS Overview

In 2013, Cisco acquired Sourcefire to expand its capabilities around continuous advanced threat protection. ...

Get Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security, First edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.