The state of Intrusion Prevention

Simon Perry - Principal Associate Analyst


simon.perry@quocirca.com
Twitter: 140letters1idea

www.quocirca.com
info@quocirca.com
Twitter: Quocirca

© 2009 Quocirca Ltd


Agenda

• What have we learned?
• What do we need today?
• How did we get here?
• Does IPS have a future?
• IDS, MSSP, HIPS, NIPS
• The good, the ugly



The evolution of IDS need

• IP everything
• Root cause analysis
• NW based attacks
• NIDS
• Malware vectors
• Forensics



The evolution of IDS need

• IP everything
• Root cause analysis
• NW based attacks
• NIDS
• Zero day
• Malware vectors
• Forensics
• HIDS
• Application level attacks
• Blended malware



Issues

xIDS

• Observe only
• Skills
• Scalability
• Misfires



Prevention versus detection

xIPS

• Detect: Signature, Heuristics
• Report: Forensics, Root cause
• Action: Block, Remediate, Retaliate

Virtualisation challenges for NIPS

• Vnetwork migration
• Workload migration
• Internal cloud(s)
• External cloud provider(s)
• Private cloud

Virtualisation adds some special challenges to network intrusion prevention.



7 core NIPS challenges

NIPS



Does NIPS have a future?



About Quocirca

Quocirca is a leading primary research and analysis company with native language research capabilities across the whole of Europe, along with North America and the Asia Pacific region.

Through its hard-fought independence, Quocirca is not beholden to any one vendor.

Therefore, its advice is free from vendor bias and is based purely on the analysis of the primary research it carries out, combined with the broad knowledge and analytical capabilities of its highly experienced team of analysts.
