Select Page

NEXT GENERATION INTRUSION PREVENTION SYSTEM (NGIPS)

NEXT GENERATION INTRUSION PREVENTION SYSTEM (NGIPS)

TECHNOLOGY DESCRIPTION

The next generation intrusion prevention system (NGIPS) decodes and inspects network packets for exploits. An NGIPS provides deep inspection of network traffic, closely monitors system activities for malicious attack activities, and provides protection against threats.

NGIPS must provide organizations with the ability to identify both the applications and the users on their internal networks. As with its predecessor, the network intrusion prevention system (IPS), the NGIPS must allow legitimate traffic to pass while also blocking attacks and resisting evasion techniques. It must catch sophisticated attacks while producing as few false positives as possible and without introducing network latency. The NGIPS is typically placed behind an NGFW and implemented as an inline device that inspects and blocks traffic identified as malicious or unwanted.

Regardless of any security features, an NGIPS must be as stable, reliable, fast, and flexible as the infrastructure it protects. It should also be possible to incorporate an NGIPS into an existing security architecture without requiring a network redesign. The following capabilities are considered essential in an NGIPS:

  • Intrusion prevention
  • Application identification
  • User identification
  • Reputation awareness

WHAT WE TESTED

NSS Labs’ Next Generation Intrusion Prevention System (NGIPS) Group Test evaluates market-leading NGIPS products on their security effectiveness, performance, and total cost of ownership (TCO). The test includes resiliency testing, which assesses a system’s ability to protect against multiple variants of an exploit, not only the exploit’s known variants. The test provides Comparative Reports and individual Test Reports to help enterprises make informed decisions to evolve and rationalize their cyber risk programs.