TRA Consulting, Inc. believes in security in layers, and as such we highly recommend the implementation of network-based Intrusion Detection and Prevention Systems (NIPS). Our experience with these systems makes us a great choice to assist your organization in deploying a NIPS.
A NIPS analyzes all data traffic at the network layer and compares this data against a database of known signatures. If it appears that an attack is beginning, the NIPS actively responds by either fixing the broken packets or rejecting them. An insignificant amount of data may be falsely rejected, but the benefits of employing a NIPS definitely outweigh the drawbacks.
In most cases we recommend a NIPS on the network edge, for many reasons:
- A network appliance assumes responsibility for processing data, relieving the burden on hosts
- Inspects data at the network layer, rather than the application layer
- Locates itself at the best choke-point for traffic (network edge)
- Simpler than deploying a more costly host-based system
- Fewer points of failure than a host-based system