Knowing about a security breach or potential breach is not the same as stopping any damage from occurring. The time between NIDS detection and administrator intervention is often too long to avoid damage and costly cleanup. And the damage can be severe. When you combine the fact that network intrusion techniques have advanced quickly and increased in frequency while enterprise dependence on their network resources have also increased, intrusion detection is not sufficient protection.
A new generation of Active Network-Defense System (ANDS) security products are now available that detect and block malicious traffic. The ANDS is placed in-line as part of the network infrastructure to inspect and possibly manipulate every packet that goes through it.
This constitutes a dramatic technology shift from a passive NIDS to a network infrastructure type device. The ANDS must perform reliably at line speeds and when it detects a packet that is malicious it drops that packet. By dropping the packet, the attack is immediately blocked. There are no damages or even partial damages to repair nor alarms to be processed.
Designing and implementing a Active Network-Defense System is not without its challenges. Utilize Access 2 Networks' experience in security to assist your organization in implementing an Intrusion Prevention System for your organization.
Return to Services Index