Intrusion prevention sounds cool. It's sexy. It's the action hero of the infosecurity universe, smacking down the bad guys before they can get in and hurt the assets your organization holds near and dear.
But what is it, really? At its core, intrusion prevention is a sort of access control that provides a last line of defense around critical host servers and applications. The stark reality of network-based security systems is that some attacks are going to make it past the security perimeter--the crunchy shell of firewalls, IDSes and AV scanners. The idea behind intrusion prevention is to stop these attacks before they get to the "cream filling" of the protected host.
Given the realities of today's IT market, however, a more appropriate question might be, "Does intrusion prevention add enough value to my existing defenses to justify spending the bucks?"
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.