Does your network security have X-ray eyes? Well yes it does, if you use an intrusion prevention system (IPS). An IPS helps stop network attacks that other security can miss. Without IPS, your business may damage its brand and suffer costly security breaches.

IPS Detects Dangers in the Dark
Firewalls and antivirus/antispyware software, the frontline of network security, address known threats. They’re like airport security personnel who allow passengers with acceptable ID and boarding passes to proceed into the screening area, explains Dan Holt, CEO of HEIT Consulting, Inc., a Cisco Premier Certified Partner that specializes in IT solutions for financial institutions.But unknown threats–especially zero-day exploits (unknown viruses and attacks on undisclosed or unpatched computer application vulnerabilities)–elude this frontline security and spread before they’re identified.

The IPS is like an airport X-ray scanner, explains Holt. An IPS inspects all incoming (and outgoing) network traffic for malicious characteristics, and blocks and isolates suspicious activity. Subsequent traffic from the suspect Internet Protocol (IP) addresses or ports is also blocked, unless the IPS administrator allows it. An IPS strengthens network protection against these threats:

• Unauthorized network access
• Data theft
• Denial-of-service attacks and other malicious activities

Business Benefits
The threat inspection of an IPS can help you in these ways:

• Minimize losses. Holt says that because unknown threats evade many security technologies, they’re increasingly responsible for breaches. According to the Ponemon Institute, the cost of a security breach in 2007 averaged $197 for each affected customer record.
• Attract and keep customers. Proactive protection of sensitive data can build company brand awareness and loyalty. An example: DriveSavers Data Recovery, an 80-employee company that rescues data from damaged hard drives, must be able “to say with 100 percent confidence we can protect that information,” says Michael Hall, director of PC engineering. “I was always concerned about a new virus hitting us before our antivirus vendors could come up with a patch,” he says. Now, with a security appliance with integrated IPS module, “any strange behavior is blocked—even if it’s unidentified.”
• Increase productivity. The proactive security of an IPS means that IT staff spend less time chasing down and reacting to attacks. For example, the 133-employee Internet technology company Synacor implemented an IPS solution to protect its networks. “Now, if someone is trying to launch a denial of service or infiltrate one of our customer networks, we know immediately,” says Adam Howell, director of network engineering and systems operations. “It’s much more proactive, versus trying to resolve crises once they’ve already started.”

Making It Real: IPS Options
Ultimately, an IPS gives businesses the X-ray vision needed to detect and stop both known and unknown threats in real time. The ways to implement IPS security are:

• Network Hardware. You can add IPS sensor modules to routers or integrated security appliances.
• Device Software. You can install IPS (and other security such as firewall, VPN, and AAA features) as software for routers.

IPS security requires IT staff to configure, monitor, and update it; some IPS vendors make these processes relatively easy. An alternative to onsite staffing is managed security services, wherein the service provider installs IPS, firewall, and other security technology on your network and remotely manages and monitors it for you.

To move your business to an IPS solution, Holt recommends beginning with a review of your network security and its potential gaps, then deciding where an IPS is required and how it should be managed. For help, ask a partner that serves SMBs and has security expertise; also consider one that specializes in your industry.