In today's business environment, network intruders and attackers can come from outside or inside the network. They can launch distributed denial-of-service attacks, they can attack Internet connections, and they can exploit network and host vulnerabilities. At the same time, Internet worms and viruses can spread across the world in a matter of minutes. There is often no time to wait for human intervention-the network itself must possess the intelligence to recognize and mitigate these attacks, threats, exploits, worms and viruses.
Cisco IOS IPS: Major Use Cases and Key Benefits
While it is common practice to defend against attacks by inspecting traffic at data centers and corporate headquarters, blocking malicious traffic at the branch office is also critical. Deploying router-based threat control at the branch, small business, or home office enables those locations to drop offending traffic as needed, stopping attacks at their point of entry.
Cisco IOS Intrusion Prevention System (IPS) is an inline, deep-packet inspection feature that effectively mitigates a wide range of network attacks. A component of the Cisco IOS Integrated Threat Control framework and complemented by Cisco IOS Flexible Packet Matching feature, Cisco IOS IPS provides your network with the intelligence to accurately identify, classify, and stop or block malicious traffic in real time.
- Increased network availability -- Provides networkwide, distributed protection from many attacks, exploits, worms, and viruses
- Faster remediation -- Pinpoints the source of network attacks faster and takes corrective actions closest to the attack
- Deployment flexibility -- Offers inline inspection of traffic through any combination of the router's LAN and WAN interfaces with field-customizable worm and attack signature sets and event actions that adjust automatically based on risk level
- Comprehensive threat protection -- Works with Cisco IOS Firewall, control-plane policing, and other Cisco IOS Software security features