Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Location of an IPS
- Doug Fox
October 20, 2005, 1:06 am
rate this thread
- Hairy One Kenobi
October 20, 2005, 12:21 pm
Re: Location of an IPS
Well it depends of the purpose.
If you want to increase the security in your lan : behind it.
Why ? All the traffic that your firewall blocks doesn't have to be
analysed since it can't get inside your lan and be dangerous.
If you want to monitor all the traffic to see if someone is trying to
break into your network : in front of it.
I think that the first choice is the best one. Moreover, if you really
want to monitor all the traffic, those equipments generate a lot of log
files and also a lot of false alarms : analysing this data could take
you hours and you have to be well trained to understand it and catch
It's generaly more relevant to install it behind your firewall.
Doug Fox a écrit Le 20/10/2005 03:06 :
> Where should I installed a network-based Intrusion Prevention System
> Is it in front of a firewall or behind it?
> The IPS is a Tipping Point Unity 50.
> Any comments are appreciated.