The role of the next generation intrusion prevention system (NGIPS) is to protect enterprises against threats and provide granular visibility into network traffic. The NGIPS can be either a physical or a virtual appliance and is typically placed behind a firewall to provide deep packet inspection and to protect against threats.
The explosion of business and personal web applications has led to the near-disintegration of the network perimeter and created new challenges for intrusion prevention. NGIPS products continue to evolve and have proved they are still effective tools in addressing what is top of mind for the enterprise.
Some of today’s use cases for an NGIPS are:
In addition to traditional deployment at the network perimeter, the NGIPS is often deployed by the enterprise to inspect internal traffic. This is important in a zero-trust security framework where all network traffic is treated as untrusted and therefore all network packets must be inspected in order to prevent attacks or block malicious and unwanted traffic.
An NGIPS can segment networks into zones that contain data and devices with similar compliance requirements. Segmentation of internal networks simplifies security operations, enforces corporate compliance, and helps ensure regulatory compliance (e.g., PCI, HIPAA).
The NGIPS can provide consistent traffic inspection policies across diverse environments. Enterprises increasingly are running workloads in physical, virtual, and cloud-based environments, which is driving the need for deep packet inspection across all of these environments.
A security product that fails to protect what’s important to you can lead to catastrophic consequences for your organization. Just because a product is the least expensive doesn’t mean it provides the best value or meets your needs. NSS Labs can help you determine which products are right for you. The results of the fourth iteration of our NGIPS Group Test are publishing soon.