IPS
An intrusion prevention system is any device which exercises access control to protect computers from exploitation. "Intrusion prevention" technology is considered by some to be an extension of intrusion detection (IDS) technology, but it is actually another form of access control, like an application layer firewall.
Definitions provided by Wikipedia - The Free Encyclopedia
IPS Related Products
The GB-250 and GB-250e Firewall UTM Appliances are GTA's entry level systems that provide big security for smaller business offices. Designed and priced to meet the needs of smaller organisations, the GB-250 and GB-250e include the same security and UTM features of our larger enterprise firewall UTM appliances, but scaled to fit the needs of offices with fewer than 50 employees.
The Rajant BreadCrumb LX is a rugged multiradio wireless transmitter-receiver that forms a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. This portable wireless mesh network node contains two radios and supports open-standard IEEE 802.11 a/b/g protocols to enable data, voice and video applications. Available radio configurations are 2.4GHz/900MHz, 2.4GHz/2.4GHz, 2.4GHz/4.9GHz and 2.4GHz/5.8GHz. This full-featured LX can operate in extreme conditions and has several mounting options.
The GB-3000 Gigabit Firewall UTM Appliance is Global Technology Associates' flagship appliance. It offers the highest throughput and most comprehensive feature set in GTA's product line. The GB-3000 provides powerful network security and strong performance by delivering world-class protection and gateway threat management capabilities in a single dedicated appliance.
McAfee Firewall Enterprise (formerly Secure Computing Sidewinder) appliances provide powerful centralised management and reporting tools to ease planning, troubleshooting, and configuration, while global reputation technology reduces up to 70 percent of unwanted traffic and blocks attacks before they occur.
The Rajant BreadCrumb SE is a rugged pair of wireless transmitter-receivers that form a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. This portable battery-operated wireless mesh network node supports open-standard IEEE 802.11 protocols to enable data, voice and video applications.
Juniper Networks SRX Series uses Dynamic Services Architecture provided by Junos to scale integrated security and network capabilities simultaneously, providing the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.
Radware's award-winning DefensePro is a real-time Intrusion Prevention System (IPS) and DoS protection device. Using behavioral-based real-time signatures, it protects your application infrastructure against known attacks and against emerging zero-minute and non-vulnerability network attacks that static-signature IPS cannot detect.
The Rajant BreadCrumb ME is a rugged wireless transmitter-receiver that forms a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. This portable battery-operated wireless mesh network node supports open-standard IEEE 802.11 protocols to enable data, voice and video applications. This lightweight portable unit can support one or two radios and requires only a single switch to operate.
The Rajant BreadCrumb ME2 is a rugged wireless transmitter-receiver that forms a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. This portable wireless mesh network node supports an open-standard IEEE 802.11 b/g radio with up to two antennas to enable data, voice and video applications and requires only a single switch to operate. A military version of the ME2 device will support FIPS 140-2.
The Rajant BreadCrumb XL is a rugged pair of wireless transmitter-receivers that form a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. This portable wireless mesh network node supports open-standard IEEE 802.11 protocols to enable data, voice and video applications. This portable unit includes two (2) radios and requires only a single switch to operate.
The Rajant BreadCrumb XLE is a rugged pair of wireless transmitter-receivers that form a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. The XLE includes an integrated video CODEC and external BNC connector for video. This portable wireless mesh network node supports open-standard IEEE 802.11 protocols to enable data, voice and video applications. This portable unit includes two (2) radios and requires only a single switch to operate.
The Rajant BreadCrumb XLV is a rugged pair of wireless transmitter-receivers that form a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. This portable wireless mesh network node is specifically designed for vehicle use and can accept unfiltered power in the range of 6 to 40 volts DC. The XLV supports open-standard IEEE 802.11 protocols to enable data, voice and video applications. This portable unit includes two (2) radios and requires only a single switch to operate.
The Rajant BreadCrumb XLR is a rack mountable pair of wireless transmitter-receivers that form a mesh network (using InstaMesh) when used in conjunction with other BreadCrumb devices. This portable wireless mesh network node is specifically designed for rack mounting and can accept unfiltered power in the range of 6 to 40 volts DC. The XLR supports open-standard IEEE 802.11 protocols to enable data, voice and video applications. This rack mountable unit includes two (2) radios and requires only a single switch to operate.
The Check Point Software Blade Architecture supports a complete and increasing selection of Software Blades, each delivering a modular security gateway or security management function. Because Software Blades are modular and moveable, Software Blades enable users to efficiently and quickly tailor Security Gateway and Management functionality to specific and changing security needs. New blades are quickly licensed as needed without the addition of new hardware.
IPS Related Industry News
Stopping the enemy at the gate
Over the past few years, security vulnerabilities have spiralled, writes Bloor Research analyst Fran Howarth. The CERT Co-ordination Centre, a federally-funded R&D centre operated by the Carnegie Mellon University in the US, publishes statistics of security vulnerabilities that are reported to it on an annual basis. In 1995, just 171 such incidences were brought to its attention; by 2003, that figure had risen to 3,784.
This increase in vulnerabilities is caus......
Watch out: It's virus season again
Like it or not, we're hot and heavy into the first active virus season of 2004, one that--if the past is any indication --should last until May, then resume again in early August. Despite the sheer number of medium-threat viruses on the loose this year, however--we've seen about 36 low- to medium-level threats so far since January 18, 2004--virus writers seem to be burning through their bag of new tricks with only limited success.
Indeed, none of the recen......
Intrusion Prevention: A Lock To Dominate The New Year
Heading into the new year, solution providers, vendors and industry analysts predict that 2005 will be the year of the intrusion prevention system. While 2004 was the year of the integrated perimeter security device, experts said the coming year will focus on devices and software solutions that hinge upon some kind of prevention of threats such as viruses, worms, spyware and adware, the programs that spark crippling distributed denial of serv......
Network security market growing
Infonetics Research reported today that the network security market increased by 15 percent last year and predicted that revenue will grow another 32 percent by 2009. According to a report written by Infonetics analyst Jeff Wilson, worldwide revenue for network security appliances and software totaled $4.3 billion in 2005. Cisco led the industry, capturing 34 percent of market. Check Point and Juniper trailed in second and third place respectively. The repor......
Microsoft develops new tunneling protocol
Microsoft is working on a new tunneling protocol for Vista and Longhorn that will provide secure network access from anywhere on the Net. The Secure Socket Tunneling Protocol (SSTP) creates a VPN tunnel that travels over Secure-HTTP, eliminating issues associated with VPN connections based on the Point-to-Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP) that can be blocked by some Web proxies, firewalls and Network Address Translation (NA......
PatchLink Plots Another Acquisition Soon
Patch management vendor PatchLink is close to announcing an acquisition hot on the heels of February's purchase of the STAT Guardian Vulnerability Management Suite from Harris Corp. Pat Clawson, CEO of the Scottsdale, Arizona-based ISV, said its first acquisition since he took over in August last year brought it "a fully integrated front end, since they had already been OEMing our product for two years." In terms of new technology, the STAT acqu......
Peer-to-peer networks co-opted for DOS attacks
A flaw in the design of a popular peer-to-peer network software has given attackers the ability to create massive denial-of-service attacks that can easily overwhelm corporate websites, a security firm warned last week. Over the past three months, more than 40 companies have endured attacks emanating from hundreds of thousands of Internet Protocol addresses (IPs), with many of the attacks producing more than a gigabit of junk data every second, acco......
Intrusion detection in the age of compliance
While intrusion detection technologies are clearly not a "hot new thing" anymore, they are still the subject of active industry debate. Since the infamous "IDS is Dead" piece was published by Gartner in 2003, the discussion about IDS relevance to today's world of commercial malware and web exploits rages on. Further, the IDS relationship to newer technologies such as intrusion prevention systems (IPS) and network-behavior anomaly......
Five basic mistakes of security policy
As I mentioned in my last article, security policies serve to protect (data, customers, employees, technological systems), define (the company's stance on security), and minimize risk (internal and external exposure and publicity fallout in the event of a breach). Security policy creation and dissemination are not just a good idea; both are mandated by a slew of corporate regulations, including PCI, HIPAA, and FISMA. This story presents five mistakes tha......
Google adwords fuel new URL attack
Google adwords account holders are being targeted by criminals out to trick them into handing over credit card information using a clever URL spoof that has gained popularity in recent weeks. On the face of it, the scam follows a traditional attack route involving the sending of spam emails to random Internet addresses in the hope of finding users who have purchased adwords. The email claims that the user's account payment has failed and asks them to "upd......
Hacker compromised Red Cross earthquake relief site
Hurricane Katrina proved a fertile ground for fraudsters to scam money off those willing to help the needy. Now the China earthquake has bred a new variant of the morally reprehensible, with donated funds being siphoned off one charity site. Unfortunately for victims of the recent Sichuan earthquake, this is exactly what appears to have happened to the Chinese branch of the Red Cross. From the reports, it appears that a Chinese hacker or grou......
Radware Apps to Protect Vs. SSL Attacks, VoIP Misuse
Radware, a company that offers integrated application delivery solutions for business-smart networking, announced today that it’s launched its “APSolute Immunity” security initiative. The company also said it’s released an enhanced version 4.10 of its DefensePro security solution. Radware officials say the company’s DefensePro is a real-time Intrusion Prevention System that maintains business continuity by protecting the......
How to Approach Access Control in the Social Networking Age
“Here comes trouble,” say John Yun and Jay Kelley from Juniper Networks. Trouble in this case means social networking. Like instant messaging and e-mail before it, social networking can cause worries to companies that haven’t learned to adapt - and real trouble to companies that haven’t learned how to manage it. Enterprises are beginning to adopt social networking applications. They’re doing it for the sam......
Home Office admits loss of 3,000 workers' data
The Home Office has lost the names, nationalities, passport numbers and dates of birth of 3,000 seasonal agricultural workers on two CDs in transit to the UK Borders Authority. The incident, which took place in March, was reported to the Information Commissioner's Office but has only now been publicly disclosed in the Home Office's 2007-08 resource accounts, published on 8 August, 2008. "This is not a Home Office data loss," said a Home O......
XP Security “Scareware” Scams Skyrocketing
More users than ever before seem to be falling for scams being levied by fraudsters looking to make a quick – and lucrative – buck from bogus security applications. It’s sad to see people get scammed from their money when they’re seeking some level of protection from Internet threats – but instead they end up paying to install software that does nothing, at best, or is in fact itself malware. At least one security firm says criminals are raking hundreds......
IPS dismisses 14 staff for data-protection breaches
The Identity and Passport Service has dismissed 14 people over the last three years, in the majority of cases for abusing access to the passport database. Of 16 cases where data-protection regulations were breached, all but one involved members of staff who had legitimate access to the Passport Application Support System database, and who used this for unauthorised checks not related to their duties. The other case involved a contractor misusin......
Spam drop could boost Trojan attacks
The dramatic fall in spam traffic reported last week after alleged rogue ISP McColo Corp. was taken offline will only be a temporary reprieve and could actually generate a new wave of Trojans, experts have warned. ISPs disagree on the global percentage drop in spam caused by the shuttering of San Jose-based McColo last Tuesday, with estimates given by those contacted by Techworld ranging from 50% to 80%. But even the lower figure is still an unprecedented fa......
China more friend than foe, says white hat
China's security community is more concerned with vulnerabilities in its own computer networks than leveling attacks at the United States and other western countries, a white-hat hacker told attendees at the CanSecWest Security Conference on Thursday. With 260 million Internet users, an underground malware industry and laws that are just catching up with cybercrime, China has a major security problem on its network, Zhao Wei, CEO of KnownSec, said dur......
Security appliance market set for more expansion
The security appliance market in Western Europe is bucking the downward trend for IT after it grew 14.4 percent in 2008, and is forecast to continue to expand this year, albeit at a slower rate. So shows the latest figures from analyst firm IDC, which found that revenue for security appliances in 2008 was $1.48 billion (£1.03bn). That figure is projected to rise to $1.65 billion this year, resulting in about 9.4 percent growth, said Romain......
Inside Korea's Cyber Attack
Details are emerging from the massive cyber attack that hit South Korea and the U.S. earlier this month -- showing security researchers what went right in stemming the tide. Initially, the South Korea government blamed North Korea for the attack, though no solid evidence has yet been put forth to support that claim. In the meantime, researchers are learning precisely how large the attack had been and how it had been achieved. As it turns out, South Korea, which is......
Juniper wraps remote types in security blanket
Juniper has stretched its enterprise security mechanisms to better protect all those machines logging into corporate networks from remote locations. Dubbed Juniper Networks Adaptive Threat Management Solutions, the new offering automatically deploys anti-malware and anti-spyware tools to remote clients tapping the network via VPN, while affording additional protection by way of an updated intrusion-prevention system (IPS). And in an effort to ensure......
Radware, RSA team up to offer protection at network level
Radware, a provider of integrated application delivery services for business-smart networking, and RSA, the security division of EMC have entered into partnership to expand an integrated crimeware blocking network designed to provide fraud protection for end users against both information and identity theft as well the spread of malware. Under the partnership, the two companies will build a proactive defense at the network layer to prote......
Check Point provides businesses with preemptive protection against Microsoft exposure
Check Point Software Technologies Ltd has announced that Check Point IPS solutions shield customers against exploits associated with the FTP Service in Microsoft Internet Information Services vulnerability. Successful exploitation of this unpatched vulnerability could allow hackers to take over an affected company’s systems. Although no Microsoft patch is currently available for this vulnerability, Check Point......
Malware lingers months on infected PCs
Malware stays around on infected PCs far longer than previously thought, according to the latest research from Trend Micro. Previous estimates suggested that a compromised machine remains infected for approximately six weeks. Based on an analysis of around 100 million compromised IPs, Trend Micro concludes that many infected IPs are infected (or repeatedly infected) for more than two years, with a median infection length of 300 days. Four in five compromis......
Check Point adds web app and widget control
Soon businesses that run Check Point security tools will be able to understand how thousands of web applications and web 2.0 widgets are used, giving executives better control over what employees do with their computers at work. The company is developing a software blade that customers can buy to address use of social websites and web applications. Check Point has licensed extensive libraries from FaceTime that identify 4,500 web applications and more......
Great firewall of News Limited saves $5.5M a year
Blocking people from accessing unproductive Web sites has saved News Limited an estimated $5.5 million a year, the company's top security professional estimates. Just as the federal government hatches its plans to implement the great firewall of Australia in the form of Internet filtering, News Limited has seen success by blocking employees from accessing public Web services it deems unproductive. News Limited's national IT security manager Bob H......
New data breach system tries user pop-ups
Security giant Check Point has announced a data leak prevention (DLP) system with a neat trick up its sleeve. If it detects that sensitive data is being misused, it tells users through pop-ups. The company is convinced that its first DLP system, Check Point DLP, can remove the incredible complexity that it plausibly identifies as a major hurdle to widespread implementation of the technology beyond specific niches. The UserCheck system is designed to let......
Palo Alto Offers 'Read Only' Facebook Access
Network security vendor Palo Alto Networks announced Tuesday that its firewalls can now control which groups of users have access to specific Facebook functionality -- reading, posting, chatting, sending messages, using apps, or other plug-ins -- as well as when. Furthermore, any Facebook activity can also be scanned to ensure that data doesn't contain confidential information and to ensure it's not part of an unfolding security incident, such as a......
Security-as-a-service growing
When you ask IT professionals if they use cloud computing or software-as-a-service, most start by saying "no". But if you ask some follow up questions, you will quickly find out about "that one application" that is a SaaS application. In security, this effect is even more pronounced. Companies don't think they use security-as-a-service or "cloud" security. Yet, many do, in the form of messaging security: e-mail antispam and antivirus. T......
Check Point announces its new management software blades
Check Point Software Technologies Ltd has announced its new Multi-Domain Management software blades - Global Policy and Security Domain - that deliver virtual security management to businesses of all sizes. The new software blades enable businesses to segment their security management into virtual domains while consolidating their hardware infrastructure. In addition, the new software blades allow for stronger and better security with the......
SQL injections dominate malware in 2010
As Gumblar named 'the most significant malware development in years'. The number of IPS SQL injections increased substantially in the second quarter of 2010 following a downturn. Cisco's global threat report for the second quarter of 2010 revealed that IPS SQL injection signature firings increased substantially in the period to coincide with outbreaks of SQL injection-compromised websites. It also claimed that Asprox SQL injection attacks made a reappearan......
'Unprecedented wave' of Java exploits hits users, says Microsoft
Microsoft said Monday that an "unprecedented wave" of attacks are exploiting vulnerabilities in Oracle's Java software. According to a manager at Microsoft's Malware Protection Center (MMPC), attempts to exploit Java bugs have skyrocketed in the past nine months, climbing from less than half a million in the first quarter of 2010 to more than 6 million in the third quarter. "Some of our exploit 'malware' families wer......
How ID card database will be destroyed
Identity cards may be history for British citizens - but what about all the personal details collected by the government and stored on its national identity database? Anyone who imagined it would simply be a case of an official somewhere hitting delete is in for a rude awakening. The Home Office is seemingly planning an orgy of destruction, as expensive and barely-used equipment is removed from offices and destroyed - all in accordance with government guide......
IPv6 has the potential to open unrecognised security weaknesses in otherwise secure environments
Internet Protocol Version 6 (IPv6) is designed to succeed Internet Protocol version 4 (IPv4) and was developed by the Internet Engineering Task Force (IETF) and ratified in 1998. The new protocol adds additional features as well as offering a 128-bit address range. Its future adoption is almost certain as available IPv4 addresses are likely to be exhausted within two years based on current consumptio......
Radware unveils newer version of DefensePro for attack prevention
Radware, a provider of integrated application delivery offerings for business-smart networking, has unveiled the new version of its DefensePro software version 5.10. The new version integrates a reputation engine which mitigates against threats including financial fraud, information theft and malware spread facilitated by blocking network attacks such as Trojans, pharming, phishing and Bots. Radware's APSolute Attack Prevention st......
Is a next-generation firewall in your future?
The traditional port-based enterprise firewall, now looking less like a guard and more like a pit stop for Internet applications racing in through the often open ports 80 and 443, is slowly losing out to a new generation of brawny, fast, intelligent firewalls. The so called next-generation firewall (NGFW) describes an enterprise firewall/VPN that has the muscle to efficiently perform intrusion prevention sweeps of traffic, as well as have awareness......
Network IPS security improving
Independent security research and testing firm NSS Labs today released its most recent Network Intrusion Prevention System (IPS) Comparative Group Test Report for the fourth quarter of 2010. The previous NSS Labs network IPS report was released in September 2009. In that study, NSS Labs found that security effectiveness ranged from a dismal 17.3 percent to a high of 89.5 percent. Many of those failures a year ago resulted from the failure of network IPS vendors to......
'Mark-of-the-Beast' bug topples Java apps
A bug in Oracle's Java programming framework causes computers to freeze when they encounter certain numerical values with large numbers of decimal places, a flaw that makes websites susceptible to highly efficient denial-of-service attacks. The vulnerability in the latest version of Java is similar to a flaw discovered last month that plagued the PHP language. It is triggered when applications attempt to process values such as 2.2250738585072011e-308. Syst......
UK Identity and Passport Service in data breach blunder
Britain's Identity and Passport Service was found to breach that country's Data Protection Act after losing passport renewal applications. The Information Commissioner's Office gave the organisation a slap on the wrist after 21 applications went missing. Personal data of both the applicants and their countersignatories was included in the lost documents. The service agreed to shore up its IT practices and document handling to ensure such a......
Hackers avoiding encryption with memory scraping
What's "pervasive memory scraping" and why is it considered by SANS Institute security researchers to be among the most dangerous attack techniques likely to be used in the coming year? Simply put, pervasive memory scraping is used by attackers who have gained administrative privileges to successfully get hold of personally identifiable information (PII) and other sensitive data held encrypted in a file system, according to Ed Sko......
Mitigating DDoS attacks is not an easy task
According to statistics released by the Web Hacking Incident Database (WHID) project DDoS attacks have become so popular that they are currently leading charts such as the top Web Application Risks and top Attack Methods, with downtime being the top Attack Outcome. LiveJournal has been the latest blogging platform targeted by multiple DDoS attacks. LiveJournal have been targeted a number of times in the past with DDoS attacks, mostly due to conflicting......
'Boil the ocean' data loss prevention needs to change
Check Point is pushing its vision of consolidating disparate security products, managed from a single dashboard and centred on enterprise firewalls. Consolidating security offers better control, Gil Shwed, Check Point's chief exec, told delegates to the security vendors' annual conference in Barcelona on Wednesday. Check Point's 3D security approach brings together three strains - policy, people and enforcement - on technologies such as anti......
Hard data on why your users should avoid file-sharing sites
Of course your company's firewall blocks access to RapidShare.com, Easyshare.com, and other well-known file-sharing sites. Your users probably hate you for it. After all, when they need to send a large file to somebody outside the corporate firewall, the file-sharing sites make access fast, easy, and free. And no doubt your users have found plenty of devious ways to work around IT file-sharing restrictions: going to proxy servers or les......
Is host-based antivirus software losing luster?
Traditional host-based antimalware packages just aren't that useful anymore, according to some companies that find it either doesn't protect against the main dangers they face from the Web or it simply doesn't run well in virtualized computer environments. "We're hovering at 95 percent virtualized," and the move has necessitated a new approach to security, such as deploying virtual-machine-based intrusion detection and protection. But Pri......