• Intrusion Prevention System

    Stop intrusions in their tracks

Intrusion Prevention System (IPS)

An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine. Following a successful exploit, the attacker can disable the target application (resulting in a denial-of-service state), or can potentially gain access to all rights and permissions available to the compromised application.

Understanding the company environment and specifics is mandatory in order to define all untrusted activities and the required actions. This is precisely where TSC starts with the IPS service to ensure sustainable and reliable delivery.

How do Intrusion Prevention Systems work?

Intrusion prevention systems work by scanning all network traffic. There are a number of different threats that an IPS is designed to prevent, including:

 

  • Denial of Service (DoS) attack
  • Distributed Denial of Service (DDoS) attack
  • Various types of exploits
  • Worms
  • Viruses

IPS performs real-time packet inspection, thoroughly inspecting every packet that travels across the network. If any malicious or suspicious packets are detected, the IPS will carry out one of the following actions:

 

  • Terminate the Transmission Control Protocol (TCP) session that has been exploited and block the IP address or user account of the offender from further accessing any application, target hosts, or other network resources.
  • Reprogram or reconfigure the firewall to prevent a similar attack from occurring in the future.
 

Remove or replace any malicious content that remains on the network following an attack. This is done by repackaging payloads, removing header information, and removing any infected attachments from file or email servers.

IPS performs real-time packet inspection, thoroughly inspecting every packet that travels across the network. If any malicious or suspicious packets are detected, the IPS will carry out one of the following actions:

 

  • Terminate the Transmission Control Protocol (TCP) session that has been exploited and block the IP address or user account of the offender from further accessing any application, target hosts, or other network resources.
  • Reprogram or reconfigure the firewall to prevent a similar attack from occurring in the future.
 

Remove or replace any malicious content that remains on the network following an attack. This is done by repackaging payloads, removing header information, and removing any infected attachments from file or email servers.

Types of IPS:

© All rights reserved to Teach Stations Company.

This website uses cookies to ensure you get the best experience on our website. By continuing to browse on this website, you accept the use of cookies for the above purposes.