Much has been said about the recent changes in the security market, with several big technology players shedding and selling off their security assets. Included among them are two portfolios that feature well-known intrusion prevention systems (IPS).
Any time there is this level of disruption, many clients start to get antsy and wonder if they made the right decision regarding their technology selections. At a minimum, they start to consider casting a wider net when it comes to vendor and solution evaluations.
The focus should be on the long-term success of your security program, not just a point-in-time evaluation of a product. It is important to evaluate your security purchases in light of how they fit within your entire solution stack. Working together, those solutions deliver a higher level of protection than the mere sum total of the parts.
Perhaps this is most essential when considering your network security solutions. Sure, this is a mature segment of the market, but it is also one of the most critical since all attacks utilize the network at some point. With that in mind, here are three things to consider as you plan your next intrusion prevention system refresh.
1. IPS Isn’t Just for the Perimeter
The perimeter of your network, behind a firewall, is an obvious place to deploy an IPS, but it isn’t the only one to consider. According to the “2016 Cyber Security Intelligence Index,” 60 percent of attacks start on the inside, so it is critical to inspect network traffic that doesn’t hit the perimeter.
Protecting the internal segments of your network is just as important, and it is an ideal use case for IPS. As a layer 2 device that sits as a bump on the wire, there is no re-architecting required to deploy the IPS on the interior of your network.
2. Not All Solutions Are Created Equal, and None Are an Island
A recent Forrester survey indicated that 55 percent of security professionals believe that a standalone IPS is more effective than the IPS feature found in next-generation firewalls. But just because a dedicated appliance performs better than a converged one doesn’t mean you shouldn’t think about how it fits within your overall security program.
Integrating your IPS with other security solutions extends the value of your security investments and improves your overall security posture. This integration leverages network flow data to improve threat intelligence and quickly implements policy updates to block or quarantine threats.
3. Flexible Options Can Protect Your Network and Investment
When selecting an IPS, clients often feel compelled to buy more performance than they need today because they anticipate an increase in network traffic at some point in the future. It makes the initial purchase more expensive than it needs to be, and there is always a risk that the forecast traffic doesn’t come about as planned.
However, there are flexible performance options that enable you to purchase the performance level you need today and update via a software license upgrade in the future. This can help you avoid the dreaded rip-and-replace of hardware. Similarly, consider the flexibility of connectivity options and look for modular designs that enable you to switch out interfaces as you update and change your network.
Those are just a few big-picture ideas to keep in mind as you start to plan for your next IPS upgrade. It is also important to point out that intrusion prevention systems has changed in significant ways over the past several years. Today’s next-generation IPS has many improved capabilities and features over your aging first-generation IPS.
To learn more, check out our webinar, “Top 5 Things to Look for in an IPS solution.” This session is sure to help you make the right decision for your organization’s network security.