Today’s advanced technologies, such as cloud computing, mobility, and big data analytics, are key enablers for improving enterprise productivity. While such advanced technologies provide distinct advantages to businesses, if not supported by the right infrastructure, they can expose enterprises to security risks.
Advanced attackers demonstrate a level of sophistication that challenges the ability of many businesses to cope. Motivated by financial gain, state sponsored cyber espionage and sometimes hacktivism, attackers exploit a growing set of attack vectors and any weakness they find, thereby evading traditional boundaries and controls.
Once inside the corporate network, adversaries can gain a foothold and move laterally toward their ultimate target, often high-value assets housed in your data center. Staying under the radar, they can even hijack servers to launch new attack campaigns.
Protecting today’s complex networks requires a robust threat detection and containment approach. Such an approach needs to be based on deep visibility into users, devices, files, and applications as well as vulnerabilities.
Intrusion Prevention Systems (IPS) Overview
Intrusion prevention systems (IPS) play a key role in securing the enterprise and data center networks by not only identifying attacks but also blocking them by dropping packets that are deemed suspicious. And they were designed to be more effective at discerning between true attacks and false alarms.
IPS systems were developed to supplement the network firewall. At the most basic level, firewalls filter network traffic based on predefined rules, blocking entry to traffic that is not explicitly approved. IPS devices are designed to sit behind the firewall and before the internal network, inspecting communications and analyzing traffic patterns in real-time to detect and prevent attacks. They serve as an additional layer of protection to enhance a company’s security posture, and are often required for compliance with stricter government regulations. But because IPS inspections are more resource-intensive, and too many of them could affect network performance, it’s important for the firewall to first screen out traffic that shouldn’t be allowed onto the network.
Evolution of IPS Market: Stand-Alone IPS vs. Integrated IPS/Firewall
The IPS market is evolving, leading companies to reconsider whether to run a standalone IPS appliance or consolidate IPS and other security functions into a next-generation firewall (NGFW). Both options have pros and cons. IT security evaluates the ability of different IPS tools and NGFWs to thwart attacks, the devices’ effect on network throughput, and cost and resource considerations. The right solution depends on an organization’s unique requirements.
Large campuses and data centers, for which application and data security are paramount, require the content inspection found in next-generation IPS systems, which is typically available only in standalone IPS devices. NSS Labs estimates that the market for implementing standalone IPS devices within data centers is worth $450 million USD annually, and projects a compound annual growth rate for this market of 15% through 2020.
Enterprises with complex networks, large data centers, or particularly acute concerns about applications or data security should strongly consider installing a standalone IPS in addition to a firewall. In fact, companies requiring maximum performance and security for their data center or corporate network frequently opt to deploy separate NGFW firewall and next-generation IPS (NGIPS) systems.
Small, branch locations and midsize, campus locations that are separate from the corporate data center are transitioning to IPS within an NGFW. If the IT security is satisfied with the level of IPS functionality and performance a NGFW provides, the next step is typically to evaluate an IPS-in-NGFW solution. In doing so, it’s important the organization performs the appropriate risk assessment and testing to ensure that throughput and performance with IPS functionality meets/exceeds expectations.
The cost benefits of combining firewall and IPS functionality in a single NGFW system are numerous. Most organizations are trying to balance operational ease for their security requirements. By moving toward a single-pane-of-glass management scheme, considerable ease of configuration and better device visibility can be achieved. Additionally, individuals with security skills come at a high cost premium, and fewer devices and skillsets to support operations must form part of the discussion.
Interface Masters Technologies’ embedded network appliances are scalable network security platforms capable of supporting physical or virtual stand-alone IPS as well as integrated IPS and NGFW deployment options. The Interface Masters appliances feature off-the-shelf server hardware technologies to enable a fully converged, NFV-based virtualized infrastructure designed to support high-performance and secure IPS services. The embedded appliance platform also includes foundational software and open interfaces for management and orchestration, simplifying operation and enabling easier integration. From a deployment perspective, the Interface Masters NFV Platform can be equipped to support IPS applications in enterprise, small-business or branch office environments.
Interface Masters supports a full-range of network hardware security options including FIPS 140-2 (cryptographic security, levels 1-4), tamper resistant switches capable of detecting all forms of physical intrusion, mechanical enclosure designs capable of preventing probing and internal component visibility, battery backed real-time clocks with 10ppm accuracy, and off-the-shelf Trusted Platform Module (TPM) ready devices.
Interface Masters Technologies has for over 20 years been providing off-the-shelf innovative networking solutions with customization services to OEMs, Fortune 100 and startup companies. We are headquartered in San Jose, California in the heart of Silicon Valley where we proudly design and manufacture all of our products. Based on MIPS, ARM, PowerPC and x86 processors, Interface Masters appliance models enable OEMs to significantly reduce time-to-market with reliable, pre-tested and pre-integrated appliance solutions that can meet the most challenging networking requirements.