Intrusion Protection System Is a Better Defense Than Just Anti-virus
By juncolt
A diagram of an IPS
Supplement Your Anti-virus and Firewalls
Having anti-virus and firewalls installed on your computer is a necessity to avoid malware or other cyber attacks when you are connected to the Internet. Without these defense systems your vital information would be left open and you could fall victim to identity theft; your computer could be used as a springboard to attack other computers; or your passwords could be revealed to people with malicious intentions.
But cyber criminals have become more sophisticated, using modern strategies and tools to break into computer systems. Anti-virus alone is no longer sufficient: its major function is to react only when the malware has already infiltrated the system. Firewalls are sometimes also not effective against network attacks, and they cannot protect you from internal sabotage when other users are allowed to access your computer.
To make up for the inadequacies of anti-virus and firewall technologies, the Intrusion Prevention System (IPS) was developed sometime in 2003, soon after the creation of the Intrusion Detection System (IDS). IPS are also called Intrusion Detection Systems, as both monitor traffic flow on a network. The main difference is that an IDS only detects malicious activity; it does not provide protection against it. The main function of an Intrusion Prevention System is to identify, log, and report malicious activity, raise an alarm, drop the malicious packet from within the network, and then block traffic from the IP address the malicious packet came from.
Both IPS and IDS are network-based, meaning they work in-line, integrated within the network itself, rather than as an application doing its job separately from the system.
Sony's PlayStation Network went down last month after being hacked, allegedly by the group Anonymous, which claims it had no involvement. The sad thing is, according to Sony, those who are really responsible may have gained access to the personal information of its users. Sony has 70 million PS3 and PSP registered users.
The latest cyber attack news concerns Lockheed Martin, the U.S. government's top IT provider and a leading global security company, which detected and thwarted a "significant and tenacious" intrusion on its information systems network. Its IPS could have played a major role in preventing the intrusion.
4 CLASSES OF INTRUSION PREVENTION SYSTEM
1.) Network-based Intrusion Prevention System (NIPS) - This system monitors and analyzes protocol activity to prevent malicious activities such as Distributed Denial-of-Service (DDoS) attacks or attempts to crack into a computer.
2.) Host-based Intrusion Prevention System (HIPS) - In this system, intrusions and malware are dealt with at the level of the individual workstation (the host) to provide a higher degree of security.
3.) Wireless Intrusion Prevention System (WIPS) - As the term implies, the system continuously scans for threats over the air (wireless), such as on WiFi systems, and reports or sends alerts to the network administrator for immediate action.
4.) Network Behavioral Analysis (NBA) - This solution oversees what is happening inside a proprietary network by aggregating data it gathers from many points to support offline analysis. In this way, it enhances the security of the network.
A typical intrusion prevention system defends a network's perimeter by using packet inspection, signature detection, and real-time blocking.
An effective IPS can identify and mitigate malware inside an infrastructure before it can cause major damage. Even if an attacker has managed to slip a Trojan, a worm, or any other form of malicious code into your network, and it is still in a benign state because the attacker has not yet activated it, a well-tuned IPS can identify the malware and quickly act to drop or block it and prevent the attack.
How IPS works
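The sequence described in this article (identify, log and report, drop the packet, then block the sender's IP address) can be shown in a few lines. The sketch below is an added example, not part of the original article; the signatures, addresses and payloads are constructed for illustration, and the same sensor is run once as an IDS and once as an IPS to show the difference between the two.

```python
import re
from dataclasses import dataclass, field

# Constructed signatures for illustration; real IPS rule sets are far larger.
SIGNATURES = {
    "sql-injection-probe": re.compile(rb"(?i)union\s+select"),
    "path-traversal": re.compile(rb"\.\./\.\./"),
}

@dataclass
class Sensor:
    prevent: bool                      # True = IPS (drop and block), False = IDS (detect only)
    blocked: set = field(default_factory=set)
    alerts: list = field(default_factory=list)

    def inspect(self, src_ip: str, payload: bytes) -> str:
        """Return the verdict for one packet: 'forward' or 'drop'."""
        # Real-time blocking: a blocked source is dropped without inspection.
        if src_ip in self.blocked:
            return "drop"
        for name, pattern in SIGNATURES.items():
            if pattern.search(payload):
                # Identify, log and report: both IDS and IPS do this.
                self.alerts.append((src_ip, name))
                if self.prevent:
                    # Only the IPS drops the packet and blocks the sender.
                    self.blocked.add(src_ip)
                    return "drop"
                break
        return "forward"

# Constructed sample traffic (documentation address ranges).
TRAFFIC = [
    ("198.51.100.7", b"GET /index.html HTTP/1.1"),
    ("203.0.113.9", b"GET /item?id=1 UNION SELECT password FROM users"),
    ("203.0.113.9", b"GET /index.html HTTP/1.1"),   # benign, same sender
    ("198.51.100.7", b"GET /about.html HTTP/1.1"),
]

def run(prevent: bool):
    """Replay TRAFFIC through a fresh sensor; return verdicts, alerts, blocklist."""
    sensor = Sensor(prevent=prevent)
    verdicts = [sensor.inspect(ip, data) for ip, data in TRAFFIC]
    return verdicts, sensor.alerts, sorted(sensor.blocked)

if __name__ == "__main__":
    for mode in (False, True):
        verdicts, alerts, blocked = run(mode)
        print("IPS" if mode else "IDS", verdicts, alerts, blocked)
```

In IDS mode every packet is forwarded and only an alert is recorded. In IPS mode the matching packet is dropped, and the later benign request from the same address is dropped too, which is the cost of address-based blocking when a signature produces a false positive.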

rahman1912 9 months ago
Thank you very much for your advice