IPS systems detect, block and alert on attacks against un-patched systems and applications.

Most common attack types that IPS systems are used for are as detailed below:

Reconnaissance - Gaining information about the system or network, such as using port scanners to see what ports are open.

Policy Violations - Rules, protocols or packet design that is violated. Like an IP packet that is incorrect in length.

Exploit - Attempts to exploit a vulnerability of a system, application or protocol. For example buffer overflow attacks.

DOS\DDOS - When an attack attempts to bring down a system by sending too many requests such as SYN flood attacks.

Two of the most important aspects within an IPS solution is speed and security. An IPS solution should be able to cope with incoming traffic and the packet inspection needed to be carried out in a timely manner, and produce, accurate, high detection rate with minimal false positives.

This section provides a list of network IPS vendors. For host based IPS, see endpoint protection and home user All-In-One internet security suites.

This section does not include network firewalls with IPS capabilities, only dedicated point solutions. See firewall section for firewalls with built in IPS functionality.

Today's Next-Generation IPS systems are much more intelligent than what they used to be and have the ability to learn the network, learn about the assets within the network, make decisions based on the assets and integrate with user directory services so that they are able to identify who was logged in to a system at the time an asset was being attacked or an asset was executing the attack.

 

 

 

 

Intrusion Prevention Detection Solutions & Vendors

 

 

 

 

Alert Logic is a cloud based solution vendor and offers a cloud based IDS service.

 

Check Point Software Technologies is a security vendor and has an IPS solution for both small and large networks. IPS-1 is Check Point’s IPS dedicated solution.

 

Cisco is a leader in the networking space and has a range of security solutions including network IPS. With the acquisition of Sourcefire, Cisco tightly integrates with the Sourcefire IPS product set, providing next generation of IPS capabilities.

 

Corero Network Security acquired Top Layer Security who is a dedicated IPS and DDOS specialist vendor.

 

Damballa protects businesses from targeted attacks used for online crime.

 

DeepNines is a security vendor based in the US. DeepNines Secure Web Gateway is a combination of its IPS and web security solutions in one appliance.

 

Enterasys Secure Networks is a wired and wireless network infrastructure and security solutions provider. As well as IPS it also specialises in NAC and log and event management (SIEM).

 

FireEye is a vendor offering an IPS product.

 

Global DataGuard is a security vendor with an IPS\IDS solution. Global DataGuard also provide other security solutions and services.

 

HP's TippingPoint is an intrusion prevention system. HP has a portfolio of IT solutions in other areas as well as security. HP TippingPoint is available in both hardware and virtual platform.

 

Huawei Symantec Technologies is a vendor of network security and storage solutions. Huawei delivers intrusion detection and prevention products.

 

IBM ISS is a division within IBM and has a portfolio of security solutions and services. IBM’s IPS solution is a well-established enterprise class product.

 

Juniper Networks is a networking and security vendor with an IPS offering available in both hardware and virtual platforms.

 

Mcafee is a large security vendor with a wide range of security solutions. Mcafee has a very good IPS solution that can integrate into its Epolicy Orchestrator central management system.

 

NSFOCUS Information Technology is a network and application security vendor. NSFOCUS delivers an anti-DOS system and a network intrusion prevention system.

 

NitroSecurity is a security vendor who provides log management, database security and an IPS solution.

 

Radware is a data centre infrastructure company with an IPS solution offering. Radware specialises in application delivery and other security solutions as well.

 

StillSecure is a security vendor that offers IPS, NAC and managed services. Strata Guard is StillSecure's dedicated IPS solution.

 

Stonesoft is a security vendor with a firewall, IPS and SSL VPN product. Stonesoft Stonegate IPS solution comes in both hardware and virtual platforms.