February 4, 2012

Intrusion Prevention Examples and Use Cases

Examples, insight and guidance from expert users who have implemented Intrusion Prevention. Benefit from these users' lessons learned, mistakes and tips while learning about Intrusion Prevention's costs, benefits and technical implementation details.



OTM Data Dial Tone
A policy-based look at how the State of Louisiana successfully implements Intrusion Prevention Systems. From the Resource:
The goal of [Office of Telecommunications Management's] network Intrusion Prevention System is to protect critical IT assets within the [state of Louisiana's Secure Intranet] consolidated data center by identifying internal and external threats to the network and responding to each threat appropriately. The IPS examines packets for unauthorized traffic and defines threats to include:
- Reconnaissance threats: Hackers scan network topologies to identify vulnerable devices (such as open ports, lack of password requirements, OS vulnerabilities) and attack them.
- Distributed-denial-of-service (DDoS) and infrastructure attacks: These are IP packet-based attacks launched at the network infrastructure to compromise network performance and reliability.
- Break-ins and device takeover: These usually follow a reconnaissance and are the unauthorized access to a given device with the intention to compromise device security.
- Theft of service and fraud: This threat category pertains to the unauthorized use of network resources.
State of Louisiana's Office of Telecommunications Management

Intrusion Prevention in Primary Education
A pragmatic look at Intrusion Prevention from a practitioner in primary education. Includes examples, deployment considerations and specific guidance. From the Resource:
"I don't believe there has ever been a time more urgent for deployment of a fully-meshed security infrastructure to combat malware and technology vulnerabilities than there is today. At the core of this technology infrastructure must be a strong set of access and content filtering controls, fully patched systems, and an active engine at the core of the network and on all network nodes detecting and preventing intrusion."
David R. Bailey, Data Networks
