Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
602 Views 1 Reply Latest reply: May 27, 2013 3:55 PM by tjaynes RSS
ssmmss Newcomer 2 posts since
Mar 8, 2013
Currently Being Moderated

Mar 8, 2013 3:39 AM

Network Security Platform - Using HIPS on servers in addition to NIPS

Hello,

 

If we are using NSP (network) and host based IPSs (workstations), is becoming a no brainer to implement HIPS on servers as well? (in complex enterprise environment).

 

How would I know if the NIPs are strategically placed throughout the company? Please point me to a guide if there is one.

 

Thanks much.

  • tjaynes Newcomer 19 posts since
    May 27, 2013

    Network Intrusion Detection/Prevention Systems (NIDS/NIPS) are there to protect the wire. HIPS is there to protect the system. Signatures/rules of NID/PS and HIPS vary a bit. They monitor different for different types of activity. Once an attacker has access to a system, the NIDS/NIPS may not capture things like "change system IP" or "change admin password"; HIPS would catch this.

     

    NIDS/NIPS should be at important bottle neck points in your network (of course you want the hardware to match what crosses the wire (e.g. 1 or 10 Gig throughput)). For example; at the edge of a particular branch or office. Or at your enterprises gateways.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points