Accuracy of IPS engines and Layer 2 Firewalls

To provide the best possible accuracy, the IPS and Layer 2 Firewall engines provide multiple detection methods that complement each other.

Effective response to network security incidents requires the capability to recognize an enormous number of possible threats. The IPS system must not produce a high number of false alarms that:
  • Engage the system administrators in needless investigations.
  • Automatically stop legitimate business communications.

Attack signatures are supplemented with protocol-specific matching to produce accurate fingerprints of attacks. The observations on network traffic are not passed on to administrators directly, but instead collected together for further analysis and combined presentation.

What is considered to be a serious threat to a crucial system in one environment might not be considered an event at all in another network. There is more than one set of traffic inspection policies that would work ideally in every environment. So IPS and Layer 2 Firewall provides detailed customization possibilities for the entire inspection process. The efficient configuration tools provide default policies that can be edited using drag and drop, while still allowing highly detailed controls for advanced configuration.

With accurate detection results, efforts can be concentrated on countering real threats instead of working on analyzing an endless stream of false alarms.