168 Vulnerability ManageMent
that matter. At this time, the two industries are so far apart in interop-
erability that only a demanding customer base will be able to influ-
ence change. However, the basic idea is that if a new vulnerability is
discovered on a target system, then the appropriate upstream IPS will
be notified to activate the signature that would protect the asset until
it is properly remediated.
ere are two major benefits to this type of integration. First, a
vulnerability is protected until full remediation can be completed,
which lowers the overall dynamic vulnerability level in the environ-
ment. Second, the IPS optimizes its performance since only the nec-
essary rules are activated above the standard policy implementation.