Not Your Father's IPS:SANS Survey on Network Security Results

by Rob VandenBrink
Sept. 1, 2017 0 comments SANS Institute

In today’s security landscape, IPSs are in the process of radical change. Established IPS companies are rapidly improving the look and feel of their IPS devices, making them much more management friendly. IPS inputs were once confined to direct packet capture, but now the packet capture function, while still critical, is in many cases being moved to a sensor platform. The IPS proper is now moving toward what many would call a “Next-Generation IPS” (NG-IPS), complete with a central IPS console and inputs from many sensors. Sensors might include multiple packet capture sensors, but they might also include endpoint protection systems, syslog, logs from Windows servers or a wide variety of logging services.