1 Reply Latest reply: May 27, 2013 3:55 PM by tjaynes RSS

    Network Security Platform - Using HIPS on servers in addition to NIPS

    ssmmss

      Hello,

       

      If we are using NSP (network) and host based IPSs (workstations), is becoming a no brainer to implement HIPS on servers as well? (in complex enterprise environment).

       

      How would I know if the NIPs are strategically placed throughout the company? Please point me to a guide if there is one.

       

      Thanks much.

        • 1. Re: Network Security Platform - Using HIPS on servers in addition to NIPS
          tjaynes

          Network Intrusion Detection/Prevention Systems (NIDS/NIPS) are there to protect the wire. HIPS is there to protect the system. Signatures/rules of NID/PS and HIPS vary a bit. They monitor different for different types of activity. Once an attacker has access to a system, the NIDS/NIPS may not capture things like "change system IP" or "change admin password"; HIPS would catch this.

           

          NIDS/NIPS should be at important bottle neck points in your network (of course you want the hardware to match what crosses the wire (e.g. 1 or 10 Gig throughput)). For example; at the edge of a particular branch or office. Or at your enterprises gateways.