Network Intrusion Prevention
Network-based intrusion prevention is a key component of defense in depth and the ASA/PIX Security Appliance. The purpose of this technology is to recognize and stop attacks when they flow through the appliance. The ASA/PIX version 7 operating system implements two basic forms of network intrusion prevention; one is signature-based, and the other is behavior-based and is called application firewall features.
Signature-based intrusion prevention is similar to the way that antivirus software works on a host. The prevention device looks for a sequence of bytes on the network that matches an attack string; if the string matches, the device can either drop the traffic or report the attack to a logging server. Using the ...
Get Securing Your Business with Cisco ASA and PIX Firewalls now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.