“We are currently supplementing our border security with an emerging approach to an intrusion detection system,” says Boyd. “Part of the challenge here is that we care really heavily about data-intensive science, and many security devices lag the equivalent network hardware by an order of magnitude.”
This means that, even with the IPS in place, the team at the University of Michigan is still looking for solutions that will scale with its border. But the IPS provides important protection as a piece of the network security portfolio.
“We’ve been able to incorporate threat intelligence that we gather,” says Neil. “The IPS allows us to evaluate traffic based on the content and the threat, and it allows us to permit or deny based on not only threat intelligence, but also reputation information. Leveraging the IPS in this way allows us to block 2 to 3 million potential threats and attacks on a daily basis.”
Next-Generation Platforms Provide All-in-One Solution
Temple University adopted the Next-Generation Security Platform from Palo Alto Networks, which includes intrusion prevention, in 2016. Previously, the university had taken a piecemeal approach, evaluating a host of solutions to meet various needs.
“Operating Palo Alto Networks has proven more efficient for us operationally,” says Adam Ferrero, assistant vice president for network services. “The performance of the purpose-built platform is also better than what we could have provided with multiple point solutions.”
Threat intelligence empowers IT to better control network traffic, says Dennis Neil of the University of Michigan. Photography by Nick Hagen.
Ferrero’s team chose the platform after an extensive review of performance goals. In particular, they wanted to know how packet processing behaved on each of the four platforms they considered. The integrated platform has been a success.
“Our service quality reviews before and after the next-gen firewall implementation show a clear improvement in the stability of the platform,” says Ferrero. “We were chasing problems related to the previous platform a couple times per month. The new platform is so trusted, I struggle to think of a problem it introduced all year.”
Next-Generation Firewall Is a Core Component of Network Security
Whether you’re choosing a stand-alone IPS or an integrated solution that includes intrusion prevention, it’s clear that this technology is becoming more of a requirement than an option.
Says Bowling, “From my perspective, the use of an IPS — and, to a larger extent, a next-generation firewall — is a critical piece of any network security posture. In an environment where there is not enterprise control of all endpoints, the ability to do fine-grained traffic control is critical to securing networks overall.”
Bowling expects that, over time, integrated IPS solutions may become more common. Whichever model IT departments choose, however, the function will remain a critical one.
“The trend over time has been adoption of an IPS as a core network control mechanism,” says Bowling. “At this point, use of an IPS is nearly universal, at least in medium-sized and large institutions.”