Example: large-scale IPS installation
The following is an example of a large-scale installation with two Single IPS engines.
The example company’s main office at London has many end users and servers. The servers host nearly all company external services and receive a high volume of traffic. The large end-user base generates a high volume of network traffic as well. There are many different applications and protocols in use, resulting in a diverse traffic pattern. The most important asset that the company wants to protect at its headquarters are the web servers hosting the company’s online store. The main system administrators work at the main office site.
Figure: Headquarters in London
In this case, the company has made the following decisions:
- Because most of the administrators are at this site, the Management Server that controls the whole distributed system is located here.
- There are many administrators and components, so there is also a Log Server here.
- Several DMZs for different services handle a high total volume of traffic. Part of the traffic is encrypted HTTPS, which uses significant processing power to decrypt for inspection. As the overall load is heavy, the company decided to protect the DMZs using a dedicated high-performance Forcepoint NGFW appliance.
- A separate single IPS is installed to protect the diverse high-volume communications of the internal networks.
- The Management Server and the Log Server are placed in a dedicated DMZ for security.