Intrusion Prevention in Networks
A properly configured firewall is a good starting point in securing a computer network. However, complex network environments that involve higher number of participants and endpoints require better security infrastructure. Intrusion Detection Systems (IDS), proposed as a solution to perimeter defense, have many open problems and it is clear that better solutions must be found. Due to many unsolved problems associated with IDS, Intrusion Prevention Systems (IPS) is introduced. The main idea in IPS is to be proactive. Network Intrusion Prevention System (NIPS) becomes more complex due to the rapid growth of network bandwidth and requirement of network security. However, existing solutions, either hardware-based or software-based cannot obtain a good tradeoff between performance and flexibility.