Security Basics mailing list archives

Re: IPS vs application firewall


From: Gaizka Isusquiza <gaizkaisusquiza () gmail com>
Date: Thu, 16 Nov 2006 08:51:23 +0100

Hi,

I understand a firewall as a fence with security guards at every entrance, to prevent intruders from entering an area; some of them are for networks and some only for specific hosts, and they are placed at the perimeter. On the other hand, IPSs are like the security guards who walk around inside a zone, just in case someone is able to get over the fence, and if someone is found, neutralize them (this last action is the difference between IPS and IDS).

Both systems are complementary; the firewall stops most of the automatic attacks. But as long as you need to provide some services to your clients, you must have some ports open for legal activities, and an attacker can disguise itself to look like a customer and, after crossing the firewall (even the best-configured firewall architecture doesn't stop every attack), start to spread chaos in your systems/networks. So this is the moment when the IPS must do its best to find the dangerous process/connection and kill it.

Gaizka

krymson () gmail com wrote:
This question came up and I'm unable to really answer this. What is the difference between an IPS (an active IDS, really) and an application firewall or a web application firewall?

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



