How can I prevent attacks on my network?
Historically, networks have been protected from attack by a firewall. However, a firewall protects your network according to a fixed policy. Whilst the policy will change from time to time, it is, in effect, fixed. This is a bit like a country having border guards and no police: if the border guards do not detect suspicious individuals, they are allowed to pass, and there is then no other agency to control their actions.
What is needed is a device that looks deeper into each packet. Such devices fall broadly into two categories:
An Intrusion Detection appliance is an early-warning system that alerts IT organisations to the presence of intruders by examining packet payload and alerting on suspicious or malicious traffic types, thus preventing security breaches on the network and helping to protect servers from being compromised. Whilst Intrusion Detection systems have proven worthwhile in documenting attacks, their ability to only inform can be of little use when the attack is at 3am and the network administrator is snug in bed!
Intrusion Detection and Prevention (IDP) technology combines the two capabilities of a Firewall and Intrusion Detection: policies are set (by means of an integrated firewall or through a separate firewall), traffic is examined for hostile activity and, most importantly, hostile traffic is blocked. Using IDP technology, IT departments can automate an incident response, capture any forensic data and block access even if the attack is in the early hours of a Sunday morning.
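The difference between the three stages described above can be seen in a small model. This is an added example, not code from any product; the allow list, the single signature, the class and function names and the sample packets are all constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed firewall policy: (protocol, destination port) pairs allowed in.
FIREWALL_ALLOW = {("tcp", 80), ("tcp", 443)}

# Constructed payload signature, for illustration only.
SIGNATURES = {"dir-traversal": re.compile(rb"\.\./\.\./")}

@dataclass
class Packet:
    src: str
    proto: str
    dport: int
    payload: bytes

@dataclass
class Sensor:
    prevent: bool  # False = detection only (IDS), True = detection and prevention (IDP)
    alerts: list = field(default_factory=list)
    forensics: list = field(default_factory=list)

    def handle(self, pkt):
        # Stage 1: the firewall decides on header fields only.
        if (pkt.proto, pkt.dport) not in FIREWALL_ALLOW:
            return "dropped-by-firewall"
        # Stage 2: payload inspection of traffic the firewall allowed.
        hits = [name for name, rx in SIGNATURES.items() if rx.search(pkt.payload)]
        if not hits:
            return "forwarded"
        self.alerts.append((pkt.src, hits))
        if self.prevent:
            self.forensics.append(pkt)  # keep the packet for later analysis
            return "blocked"
        return "forwarded-with-alert"

# Constructed sample traffic (documentation address ranges).
TRAFFIC = [
    Packet("192.0.2.10", "tcp", 80, b"GET /index.html HTTP/1.1\r\n\r\n"),
    Packet("198.51.100.7", "tcp", 80, b"GET /../../etc/passwd HTTP/1.1\r\n\r\n"),
    Packet("203.0.113.5", "tcp", 23, b"login"),
]

def run(prevent):
    sensor = Sensor(prevent=prevent)
    return [sensor.handle(p) for p in TRAFFIC], sensor

if __name__ == "__main__":
    print(run(False)[0], run(True)[0])
```

The second packet passes the firewall in both runs because port 80 is allowed; only the payload check distinguishes it, and only the prevention mode stops it and retains it as forensic data.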
