I have been researching anti virus 2008 and 2009 malware. I have found little discussing how to prevent the malware. Mostly I find how to get rid of it. Any ideas on how to prevent the infection? Maybe using a network IPS.
IPS will not be suitable for Anti-Virus or Anti-Malware protection.The right solution will be to use Cisco ASA with CSCS-SSM Module which can prevent virus and malware attacks.The CSC-SSM can prevent virtually all known malicious code from entering and propagating across the network. This helps prevent disruption of business critical applications and services, prevent valuable key systems and employee downtime and reduce the costly process of cleaning up after an infection.
"IPS will not be suitable for Anti-Virus or Anti-Malware protection"
"The CSC-SSM can prevent virtually all known malicious code from entering and propagating across the network"
Absolute, complete and utter BS. I know you're just regurgitating what Cisco says (shame on Cisco), but this is absolute fantasy. You simply CAN'T do this that effectively at a gateway, you don't have the required context. Even the best products in this space (which Cisco is far from being) aren't that effective.
If you're starting from scratch, I would recommend looking at client solutions first. Once you have that in place, it might make some sense to look at gateway solutions. If you want "best of breed", take a look at Webwasher, Finjan and BlueCoat. Ironports might be worth checking out too, if it's anywhere near as good as their SMTP product. If those are just to expensive, then you might also take a look at the Cisco ASA-CSC solution.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...