– Ron Meyran, director of security products with Radware (www.radware.com), says:
Why is ID/P be a priority in the enterprise?
Small and midsize enterprises, specifically, use servers concentrated in a server farm, DMZ or a data center to support productivity, business communications or deliver revenue generating applications. Firewalls have become ineffective as they operate at L3-L4 thus cannot detect and prevent attacks at the application level. An IPS is the main network security tool that performs deep packet inspection and can look into L7 content and prevent network attacks in real time. An IPS prevents threats such as application vulnerability exploitation, information theft, authentication defeat, malware spread, application & network downtime and more.
Key features to look for when purchasing an intrusion detection/prevention system:
- Security coverage: prevent application vulnerability exploits, network and application scanning, brute force attacks, network DDoS, application flooding.
- Strong real-time monitoring: historical reporting engine and forensics analysis.
- Scalable platform that can grow when the business throughput grows without the need for forklift upgrades.
- Performance: an IPS should be able to fend off attacks not at the expense of legitimate traffic processing and forwarding. Otherwise high volume network attacks will turn the IPS into a network bottleneck and slow down business activity or even shut it down completely.
Security and IT managers of small to medium sized enterprises should consider purchasing an IPS vs. outsourcing it. Although obtaining an in-house IPS requires building expertise and human resources to manage and analyze the logs, as well as keeping best security practices, today, service providers today offer managed security services that include IPS and DoS protection, and thus, can help companies manage these systems. This has an advantage of overall simplicity, scalability and cost management. It only requires selecting the right partner to manage and protect your IT assets.