The challenge
Get the Most from Your IPS
A rising number of malicious attacks has made implementing an intrusion prevention system (IPS) a top priority for enterprises large and small. An IPS identifies common vulnerabilities and exposures, and then mitigates them by dropping the malicious packets or blocking traffic from the offending IP address. However, because IPS’s alone lack the processing power they need to handle the overwhelming amount of traffic, as well as encrypted traffic, the technology is often deployed in a passive detection mode only. Through intelligent traffic management and SSL offloading, our BIG-IP platform works in unison with IPS, enabling the infrastructure to focus on identifying and mitigating threats to your network.
Read the White Paper: Deploying a Next-Generation IPS Infrastructure
The solution
No Application Left Unprotected
Enterprises can realize increased efficiency in their IPS infrastructures by offloading SSL termination and deploying a high-performance Application Delivery Controller (ADC) such as the F5 BIG-IP system to intelligently steer incoming waves of traffic. Also, administrators gain the flexibility to add and remove resources when performing maintenance to IPS sensor pools, while the ADC seamlessly redirects traffic through available devices. These increased efficiencies allow the IPS to focus on mitigating threats—and ensure that no application is left unprotected.
The deployment
Say Goodbye to Blind Spots
SSL encryption of applications is becoming the norm. This ensures the integrity and privacy of transactions, but poses a visibility problem for IPS systems. This lack of visibility means attackers can evade IPS by encrypting their transmissions within SSL. Learn how F5 combines its intelligent ADC with next-generation IPS to provide a solution that eliminates dangerous blind spots.
Read the White Paper: NGIPS Recommended Practices F5 BIG-IP and Cisco/Sourcefire NGIPS load balancing