Thursday, August 18, 2022

Deploying Sensors for Intrusion Prevention Systems (IPS)

 


Today, I am sharing the crux of that discussion with you…
Technical factors to consider when selecting sensors for deployment in an organization include the following:

~~ The network media in use
~~ The performance of the sensor
~~ The overall network design
~~ The IPS design (Will the sensor analyze and protect many systems or just a few?)
~~ Virtualization (Will multiple virtual sensors be created in the sensor?)

Important issues to keep in mind in an IPS design include the following:

1. Your network topology:
Size and complexity, connections, and the amount and type of traffic.

2. Sensor placement:
It is recommended that these be placed at those entry and exit points that provide sufficient IPS coverage.

3. Your management and monitoring options:
The number of sensors often dictates the level of management you need.

Locations that generally need to be protected include the following:

* Internet: Sensor between your perimeter gateway and the Internet
* Extranet: Between your network and extranet connection
* Internal: Between internal data centers
* Remote access: Hardens perimeter control
* Server farm: Network IPS at the perimeter and host IPS on the servers

-

Please let me know of what do you think about this in the comment section. You can also share with all if the information shared here helps you in some manner.

No comments:

Post a Comment

Evil Twin attack

Evil Twin Attack is attack is frequently carried upon wireless access points with malicious intentions. This attack happens when...