home > Security Information > IPS Overview > Motive of IPS Creation
Motive of NPU base IPS Creation by high speed processor
Main security
solution
Design Concept
Problem
Firewall Control by
services or ports		 - Weak against attack through opened
.. port
- Can¡¯t see inside of packet
- Weak against App attack
- Motive of intrusion detection system
.. creation
Intrusion
Detection System		 Alert against all doubt
packets and actions by
analyze of packet
inside of action		 - Too many Alert(Crying Wolf Syndrome)
- False Positive (Accuracy)
- Problems of intrusion awareness and
.. countermeasure
- Problem of detection performance
- Problem of Real time alert and attack
.. coverage
S/W base
server security		 Role base Grant
Authority/ Intrusion
Prevention by
system call trace 		- Spend server resources
- Possibility of incapacitation by OS
.. weakness
- Problem of path
IPS by design concept
NIPS - Real time auto protection of inline install and attack
- Auto protection of attack like firewall by packet intercept and transmission
- Detection by Pattern match, Stateful match(session), abnormality of protocol,
.. abnormality of traffic, statistical abnormality(accuracy)
NIDS

- Switch mirror port install and collected traffic watch
- Manual correspondence by manager alert(Impossible) or Auto
.. correspondence by firewall rule change and TCP reset
.. (failed by correspondence time delay)
- Pattern match(Low accuracy)