Network Intrusion Prevention

Network-based intrusion prevention is a key component of defense in depth and the ASA/PIX Security Appliance. The purpose of this technology is to recognize and stop attacks when they flow through the appliance. The ASA/PIX version 7 operating system implements two basic forms of network intrusion prevention; one is signature-based, and the other is behavior-based and is called application firewall features.

Signature-based intrusion prevention is similar to the way that antivirus software works on a host. The prevention device looks for a sequence of bytes on the network that matches an attack string; if the string matches, the device can either drop the traffic or report the attack to a logging server. Using the ...

Get Securing Your Business with Cisco ASA and PIX Firewalls now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.