Selecting the Right Host Intrusion Prevention System: 12 Key Questions to Ask

White Paper Published By: Third Brigade

This white paper identifies twelve critical questions that organizations need to consider when selecting a Host Intrusion Prevention System product. These questions relate to protection, manageability, integration and speed.

Tags :

host ips, ips, hips, intrusion prevention, vendor selection, software selection, security, hacker prevention

Published:	May 25, 2007
Type:	White Paper
Length:	9 pages

SELECTING
THE RIGHT
HOST INTRUSION
PREVENTION SYSTEM:
12 Key Questions to Ask

WHITE PAPER
Selecting the Right Host Intrusion Prevention System: 12 Key Questions to Ask WHITE PAPER
EEEExxxxeeeeccccuuuuttttiiiivvvveeee SSSSuuuummmmmmmmaaaarrrryyyy
Host Intrusion Prevention Systems (HIPS) complement perimeter defenses, and play a vital role in protecting critical applications and sensitive data from a security breach. As such, the process of selecting the right HIPS - one that provides the required protection while addressing operational security concerns, and minimizing the impact on IT resources - is an important one. This white paper identifies twelve critical questions that organizations need to consider when selecting a HIPS product. These questions relate to protection, manageability, integration and speed.
TTTTaaaabbbblllleeee ooooffff CCCCoooonnnntttteeeennnnttttssss Executive Summary ............................................................................................................1 Introduction ..........................................................................................................................2 1. How does it minimize false positives? ..........................................................................3 2. Can it prove you were protected? ..................................................................................3 3. What platforms does it protect?.....................................................................................4 4. How easy is it to administer and manage?...................................................................4 5. Can it integrate with other security investments? .......................................................5 6. How long will it take to deploy?......................................................................................5 7. Where does it stop the attacks?.....................................................................................6 8. What impact will it have on performance? ...................................................................6 9. How quickly can it be updated with new filters?..........................................................6 10. What kinds of reports are provided?...........................................................................7 11. Has it been certified?.....................................................................................................7 12. How quickly will the HIPS vendor respond?...............................................................7 About Third Brigade®.........................................................................................................8
1
Selecting the Right Host Intrusion Prevention System: 12 Key Questions to Ask WHITE PAPER
IIIInnnnttttrrrroooodddduuuuccccttttiiiioooonnnn
Enterprises today recognize the importance of securing their hosts, applications and data from a security breach. They know that:
Financially motivated cyber-criminals are increasingly targeting enterprises;
Perimeter defenses, while important, can be readily bypassed or penetrated, often by insiders;
It can take weeks or months to fully test and deploy the latest patches for operating systems and enterprise and web applications, leaving a significant vulnerability gap that attackers can exploit;
The costs of a breach - including those associated with business disruption, lost revenue, customer turnover, lower productivity, and remediation and support - are high;
Regulations, standards, and service level agreements with customers increasingly require additional, host-based compensating controls.
Host Intrusion Prevention Systems (HIPS) have emerged as a security best-practice that address these issues. Because of the vital role that HIPS plays in a proactive, defense-in-depth strategy, the process of selecting the right HIPS - one that provides the required protection while addressing operational security concerns, and minimizing the impact on IT resources - is an important one.
To help ensure organizations evaluate and select the appropriate HIPS product for their environment, here are twelve critical questions that should be asked of every vendor, about their HIPS product.
... [download for more]

Browse Technology Topics

Data Center Virtualization, Cloud Computing, Infrastructure, Design and Facilities... more, Power and Cooling, Green Computing less		Data Management Application Integration, Analytical Applications, Business Intelligence... more, Configuration Management, Database Development, Data Integration, Data Mining, Data Protection, Data Quality, Data Replication, Database Security, EDI, SOAP, Service Oriented Architecture, Web Service Management, Data Warehousing less
Electronics Analog Communications, Digital Signal Processing, Electronic Design Automation... more, System On A Chip, Electronic Test and Measurement, Embedded Design, Boards & Modules, Embedded Systems and Networking, Electromechanical & Mechanical, Optoelectonics & Displays, Packaging and Interconnects, Passive & Discrete Components, Power Sources & Conditioning Devices, Integrated Circuits and Semiconductors, Sensors & Actuators less		Enterprise Applications Application Integration, Application Performance Management... more, Best Practices, Business Activity Monitoring, Business Analytics, Business Integration, Business Intelligence, Business Management, Business Metrics, Business Process Automation, Business Process Management, Call Center Management, Call Center Software, Change Management, Corporate Governance, Customer Interaction Service, Customer Relationship Management, Customer Satisfaction, Customer Service, EBusiness, Enterprise Resource Planning, Enterprise Software, EProcurement, Extranets, Groupware Workflow, HIPAA Compliance, IP Faxing, IT Spending, Marketing Automation, Performance Testing, Product Lifecycle Management, Project Management, Return On Investment, Risk Management, Sales & Marketing Software, Sales Automation, Server Virtualization, Simulation Software, Supply Chain Management, System Management Software, Total Cost of Ownership, Video Conferencing, Voice Recognition, Voice Over IP, Workforce Management, Incentive Compensation, Spend Management, Manufacturing Execution Systems, International Computing less
Human Resource Technology Human Resources Services, Payroll Software, Time and Attendance Software... more, Workforce Management Software, Financial Management, Employee Monitoring Software, Employee Training Software, Recruiting Software/Services, Employee Performance Management, ELearning, Benefits Management, Expense Management less		IT Career Advancement Cisco Certification, Microsoft Certification, Linux Certification... more, Network Security Certification, Software Development Certification less
IT Management Employee Performance, ITIL, Productivity, Project Management... more, Software Compliance, Sarbanes Oxley Compliance, Service Management, Desktop Management less		Knowledge Management Collaboration, Collaborative Commerce, Contact Management... more, Content Delivery, Content Integration, Content Management System, Corporate Portals, Customer Experience Management, Document Management, Information Management, Intranets, Messaging, Records Management, Search And Retrieval, Search Engines, Secure Content Management, SLA less
Networking Active Directory, Bandwidth Management, Convergence, Distributed Computing... more, Ethernet Networking, Fibre Channel, Gigabit Networking, Governance, Grid Computing, Infrastructure, Internetworking Hardware, Interoperability, IP Networks, IP Telephony, Local Area Networking, Load Balancing, Migration, Monitoring, Network Architecture, Network Management, Network Performance, Network Performance Management, Network Provisioning, Network Security, OLAP, Optical Networking, Quality Of Service, Remote Access, Remote Network Management, Server Hardware, Servers, Small Business Networks, TCP/IP Protocol, Test And Measurement, Traffic Management, Tunneling, Utility Computing, VPN, Wide Area Networks, Green Computing, Cloud Computing, Power and Cooling, Data Center Design and Management, Colocation and Web Hosting less		Platforms AS/400, Domino, Linux, Microsoft Exchange, Oracle, PeopleSoft... more, SAP, Siebel, Solaris, Tivoli, Unix, Web Sphere, Windows, Windows Server less
Security Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security... more, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security, PCI Compliance, Vulnerability Management less		Software Development .NET, C++, Database Development, Java, Middleware, Open Source... more, Software Outsourcing, Quality Assurance, Scripting, SOAP, Software Testing, Visual Basic, Web Development, Web Services, Web Service Security, XML less
Storage Backup And Recovery, Blade Servers, Clustering, IP Storage... more, ISCSI, Network Attached Storage, RAID, Storage Area Networks, Storage Management, Storage Virtualization, Email Archiving, Data Deduplication less		Wireless 802.11, Bluetooth, CDMA, GPS, Mobile Computing, Mobile Data Systems... more, Mobile Workers, PDA, RFID, Smart Phones, WiFi, Wireless Application Software, Wireless Communications, Wireless Hardware, Wireless Infrastructure, Wireless Messaging, Wireless Phones, Wireless Security, Wireless Service Providers, WLAN less