Firewall Wizards mailing list archives
RE: Intrusion Prevention Firewall
From: Dave Piscitello <dave () corecom com>
Date: Fri, 29 Mar 2002 13:39:40 -0500
The other "spin" marketing places on "Intrusion Prevention Firewalls" is a firewall-IDS integration arrangement where the IDS detects an attack, and the firewall policy is automatically modified to block the attack. Some firewalls also market the fact that they can detect certain DOS attacks and scans (RSSA), and react by damping down traffic or temporarily blocking sites where the attacks originate (WGRD). I'm doing the intrusion "prevention" piece of a session at Networld+Interop in May entitled "Intrusion Detection, Deception, and Prevention". I focus more on prevention by better software development and deployment practices. If you want to get an early look at this, I'm happy to post an html version at my web site. At 12:00 PM 3/29/2002 -0500, Marcus J Ranum wrote:
I suspect you are referring to "intrusion prevention" - which is a hot new marketing term but basically everything that's being billed as "intrusion prevention" is just firewalling + antivirus with a bit of fresh paint on it.
David M. Piscitello Core Competence, Inc. & The Internet Security Conference 3 Myrtle Bank Lane Hilton Head, SC 29926 dave () corecom com www.corecom.com www.tisc2002.com hhi.corecom.com/~yodave/
Current thread:
- Intrusion Prevention Firewall Gary Flynn (Mar 16)
- Re: Intrusion Prevention Firewall Mark Renouf (Mar 17)
- Re: Intrusion Prevention Firewall Inno Eroraha (Mar 29)
- <Possible follow-ups>
- RE: Intrusion Prevention Firewall Stiennon,Richard (Mar 17)
- FW: Intrusion Prevention Firewall franks (Mar 17)
- Re: FW: Intrusion Prevention Firewall Gary Flynn (Mar 29)
- RE: Intrusion Prevention Firewall Pieper, Rodney (Mar 29)
- RE: Intrusion Prevention Firewall Marcus J. Ranum (Mar 29)
- Re: Intrusion Prevention Firewall Gary Flynn (Mar 29)
- Re: Intrusion Prevention Firewall Marcus J. Ranum (Mar 29)
- RE: Intrusion Prevention Firewall Dave Piscitello (Mar 29)
- Re: Intrusion Prevention Firewall Crispin Cowan (Mar 29)
- RE: Intrusion Prevention Firewall Marcus J. Ranum (Mar 29)
- RE: Intrusion Prevention Firewall Stiennon,Richard (Mar 30)