How to Cheat at Managing Information Security

Chapter 11: Intrusion Prevention and Protection

The purpose of this chapter is to:

  • Provide a working definition of an IPS

  • Provide a catalog of the active responses and the way attacks can be responded to

  • Provide a quick tour of some current IPS implementations

  • Provide a description of problems IPSes can solve

Anecdote

I was very lucky to work on most of England s Internet banks, and it really was a pleasure. Apart from the general excitement that always surrounded a new e-commerce project, the banks were risk-averse organizations that rarely cut corners on security, allowing me to delve deep into the areas I was working on.

An Internet bank was being launched in North and my company won the contract to review and improve the security controls. I had made all the necessary improvements to the firewalls and the routers. The intrusion detection system (IDS) was the last component that needed to be reviewed, but that was not going to take place until the morning of the first day the site went live. The implementation team had been let down by the supplier, so the system administrators were going to install and configure the IDS on the big day. The rationale was that an IDS was only a detective control, so the bank could survive it suboptimum for a day or two. It s not as if it was a really important detective control.

When I arrived at the office, all was chaos, with apparently nothing working, no e-mail, no web access the whole things had gone to...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Network Security Services
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.