Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

IPS, Firewall and Antivirus: what do I need to have it installed?

user-image
Question added by Maher Sadwan
Date Posted: 2016/09/28
Bassam Ali Mohammed Al-mamari
by Bassam Ali Mohammed Al-mamari , مساعد الرصد والتقييم , برودجي سيستمز

well, let's have a look to all of them in regards of their purpose and fuction

IPS is a intrusion preventing System: that detects and prevents any intrusion that may hurt your System.

Firewall is a software or a piece of hardware that blocks any unknown application and pervents it from accessing the system or denied it from running either ongoing or outgoing.

 

Antivirus: is a protected software that protect System from unknown and malicious applications and files .

IPS can be apart of Antivirus as a complete protection Packet.

If we have a firewall and Antivirus, that well be fine for any client PC.

but in case of a company we may have to get a complete Protection Packet that consists of antivirus, Firewall ,IDS and IPS .

 

Thank You.

Deleted user
by Deleted user

First, it must be noted that the use of each of the tools depends largely on where the system is located and the use made out of it. Furthermore, it is clear that they are complementary to each other.

An IDS monitors the network to detect when a system is engaging in suspicious activity by examining the network traffic and calls performed in the system. While the firewall will be set when a connection between two computers via the Internet is not in compliance with established security policies for the network environment. And the antivirus can control when a device or a particular file server tries to perform malicious activities that may affect the safety of its information.

In this way, a firewall can detect when an external attacker is trying to perform a malicious action, and can then take steps to avoid it. In addition, an antivirus solution provides the tools to prevent a file received via email, via a USB device or downloaded directly from the Internet to run any malicious action that puts the information at risk. And if this computer is on a network, an IDS can monitor the behavior of the other computers and provide an additional layer to detect any malicious activity.

Finally, besides having a good security infrastructure, it is very important to be properly qualified in how to work against these malicious activities and raise awareness among users of new threats. Otherwise, having the best antivirus solution or the most expensive firewall could be useless, if users are not careful about the information they provide on the Internet, or the passwords they are using. Responsible use of the information and devices will allow working environments to be more productive with different technologies in a safer way.

Rami Sulimani
by Rami Sulimani , Network Manager , Tajco

If you have to choose one and only one you must go with Firewall as it the most important one

Maya Karam
by Maya Karam , Computer Engineer , Kangaroo L.T.D

If you want a top security environment you have to install them all together

Mirza Hussain Baig
by Mirza Hussain Baig , SOC Team Lead , Saudi Emircom Company

It's best to have UTM appliance like Sonicwall installed as it has all three features in a single hardware

Ahmad Aqqad
by Ahmad Aqqad , System Administrator , AlQubtan LLC

Firewall

WAFs are designed to protect web applications/servers from web-based attacks that IPSs cannot prevent. In the same regards as an IPS, WAFs can be network or host based. They sit in-line and monitor traffic to and from web applications/servers. Basically, the difference is in the level of ability to analyze the Layer 7 web application logic.

Where IPSs interrogate traffic against signatures and anomalies, WAFs interrogate the behavior and logic of what is requested and returned. WAFs protect against web application threats like SQL injection, cross-site scripting, session hijacking, parameter or URL tampering and buffer overflows. They do so in the same manner an IPS does

 

Intrusion Prevention System (IPS)

An IPS generally sits in-line and watches network traffic as the packets flow through it. It acts similarly to an Intrusion Detection System (IDS) by trying to match data in the packets against a signature database or detect anomalies against what is pre-defined as "normal" traffic. In addition to its IDS functionality, an IPS can do more than log and alert. It can be programmed to react to what it detects. The ability to react to the detections is what makes IPSs more desirable than IDSs.

There are still some drawbacks to an IPS. IPSs are designed to block certain types of traffic that it can identify as potentially bad traffic. IPSs do not have the ability to understand web application protocol logic. Hence, IPSs cannot fully distinguish if a request is normal or malformed at the application layer (OSI Layer 7). This short coming could potentially allow attacks through without detection or prevention, especially newer attacks without signatures.

Yasmeen Zen
by Yasmeen Zen , Business Development Manager , Bin Laden

IPS, because IPS technologies provide you these benefits:

  • Detects and stops attacks that other security controls cannot;
  • Supports customization of detection capabilities to stop activity that is only of concern to a single organization; and
  • Reduces the amount of network traffic reaching other security controls, which both lowers the workload for those controls and protects those controls from direct attacks.

 

Kenan  Ordano
by Kenan Ordano , Network Engineer , Alyamani Brothers

Firewall because it do all the below features:

Monitors Traffic

Blocks Trojans

Stops Hackers

Stops Keyloggers

Loqman Khamees
by Loqman Khamees , IT Manager , Nucleus Inc.

Firewall cover almost all features of the three of them

Fou'ad Obeidat
by Fou'ad Obeidat , Deputy Project Manager , Future Services General Trading and Contracting Co. W.L.L

Depends on what system you are using.

 

However, there are a lot of antiviruses that come with firewalls.

Raouf Shaheen
by Raouf Shaheen , Database Administrator , Future Vision

Firewall because it monitors and controls the incoming and outgoing network traffic based on predetermined security rules. A firewall typically established a barrier between a trusted,

More Questions Like This