cisco Intrusion Prevention Systems (IPS)

Unanswered Question

Hello


the following form the cisco reference guide,how the IPS Stops network virus?


cisco Intrusion Prevention  Systems (IPS)

--------------------------------------------------------------------

Cisco Intrusion Prevention System (IPS) solutions accurately identify, classify, and

stop malicious traffic, including worms, spyware, adware, network viruses, and

application abuse, before they affect business resiliency.


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
dhananjoy chowdhury Sun, 04/11/2010 - 09:40
User Badges:
  • Silver, 250 points or more

The IPS has signatures matching patterns for various viruses and malicious codes.

IPS analyzes the packet/stream and if it matches any of the signatures that are enabled, it will take predefined actions like block/ alert, etc.


You can get more details on the Cisco ips signatures here.

http://tools.cisco.com/security/center/search.x?search=Signature

Jennifer Halim Sun, 04/11/2010 - 22:00
User Badges:
  • Cisco Employee,

You are right. IPS is not an anti virus appliance, ie: it will not be able to clean the host which is infected by virus, however, it can help to prevent the spread of network virus. IPS can detect that there is anomaly of the traffic from normal traffic pattern, and will be able to detect and prevent the outbreak of the virus.


Hope that answers your question.

Actions

This Discussion