November 3, 2016 By Jordan Carlson 3 min read

Much has been said about the recent changes in the security market, with several big technology players shedding and selling off their security assets. Included among them are two portfolios that feature well-known intrusion prevention systems (IPS).

Any time there is this level of disruption, many clients start to get antsy and wonder if they made the right decision regarding their technology selections. At a minimum, they start to consider casting a wider net when it comes to vendor and solution evaluations.

The focus should be on the long-term success of your security program, not just a point-in-time evaluation of a product. It is important to evaluate your security purchases in light of how they fit within your entire solution stack. Working together, those solutions deliver a higher level of protection than the mere sum total of the parts.

Perhaps this is most essential when considering your network security solutions. Sure, this is a mature segment of the market, but it is also one of the most critical since all attacks utilize the network at some point. With that in mind, here are three things to consider as you plan your next intrusion prevention system refresh.

1. IPS Isn’t Just for the Perimeter

The perimeter of your network, behind a firewall, is an obvious place to deploy an IPS, but it isn’t the only one to consider. According to the “2016 Cyber Security Intelligence Index,” 60 percent of attacks start on the inside, so it is critical to inspect network traffic that doesn’t hit the perimeter.

Protecting the internal segments of your network is just as important, and it is an ideal use case for IPS. As a layer 2 device that sits as a bump on the wire, there is no re-architecting required to deploy the IPS on the interior of your network.

2. Not All Solutions Are Created Equal, and None Are an Island

A recent Forrester survey indicated that 55 percent of security professionals believe that a standalone IPS is more effective than the IPS feature found in next-generation firewalls. But just because a dedicated appliance performs better than a converged one doesn’t mean you shouldn’t think about how it fits within your overall security program.

Integrating your IPS with other security solutions extends the value of your security investments and improves your overall security posture. This integration leverages network flow data to improve threat intelligence and quickly implements policy updates to block or quarantine threats.

Watch the on-demand webinar: Top 5 Things to Look for in an IPS Solution

3. Flexible Options Can Protect Your Network and Investment

When selecting an IPS, clients often feel compelled to buy more performance than they need today because they anticipate an increase in network traffic at some point in the future. It makes the initial purchase more expensive than it needs to be, and there is always a risk that the forecast traffic doesn’t come about as planned.

However, there are flexible performance options that enable you to purchase the performance level you need today and update via a software license upgrade in the future. This can help you avoid the dreaded rip-and-replace of hardware. Similarly, consider the flexibility of connectivity options and look for modular designs that enable you to switch out interfaces as you update and change your network.

Those are just a few big-picture ideas to keep in mind as you start to plan for your next IPS upgrade. It is also important to point out that intrusion prevention systems has changed in significant ways over the past several years. Today’s next-generation IPS has many improved capabilities and features over your aging first-generation IPS.

To learn more, check out our webinar, “Top 5 Things to Look for in an IPS solution.” This session is sure to help you make the right decision for your organization’s network security.

More from Network

New cybersecurity sheets from CISA and NSA: An overview

4 min read - The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments.This new release includes a total of five CSI sheets, covering various aspects of cloud security such as threat mitigation, identity and access management, network security and more. Here's our overview of the new CSI sheets, what they address and the key takeaways from each.Implementing…

Databases beware: Abusing Microsoft SQL Server with SQLRecon

20 min read - Over the course of my career, I’ve had the privileged opportunity to peek behind the veil of some of the largest organizations in the world. In my experience, most industry verticals rely on enterprise Windows networks. In fact, I can count on one hand the number of times I have seen a decentralized zero-trust network, enterprise Linux, macOS network, or Active Directory alternative (FreeIPA). As I navigate my way through these large and often complex enterprise networks, it is common…

Easy configuration fixes can protect your server from attack

4 min read - In March 2023, data on more than 56,000 people — including Social Security numbers and other personal information — was stolen in the D.C. Health Benefit Exchange Authority breach. The online health insurance marketplace hack exposed the personal details of Congress members, their families, staff and tens of thousands of other Washington-area residents. It appears the D.C. breach was due to “human error”, according to a recent report. Apparently, a computer server was misconfigured to allow access to data without proper…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today