10 tips for implementing IPS securely

By Phil Lerner, VP technology, Stonesoft Americas, Network World |  Security, intrusion prevention system, IPS

9) IPv6 ready. Major operating systems and core networking components offer IPv6 support. For example, Windows Vista uses IPv6 addresses by default, which may be a potential security threat without properly implemented access control and deep inspection. In addition, malicious traffic may be hidden inside IPv6 and IP-in-IP tunnels, which many security solutions still fail to protect.

Make sure your IPS provides stateful access control and full deep inspection capabilities for IPv6 network traffic, including IPv6 encapsulation, IP-in-IP and GRE tunneling protocols. [Also see: "The Dual Stack Dilemma"]

10) Integration with your firewall. The essence of a next-generation firewall is the ability to interact with an intrusion prevention system. The integration of these capabilities can either be within a single system or separate, but be aware of issues that can arise around reporting, throughput and management.

Stonesoft provides mid- and large-size organizations software-based network security solutions, which include the industry's first evasion prevention system (EPS), the industry's first transformable Security Engine as well as stand-alone next generation firewalls, intrusion prevention systems and SLL VPN solutions.

Read more about wide area network in Network World's Wide Area Network section.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness