User guide

Chapter 1: Introducing the Proventia Network Intrusion Prevention System
Intrusion Prevention
Introduction
The Proventia Network Intrusion Prevention System (IPS) automatically blocks malicious
attacks while preserving network bandwidth and availability. The Proventia Network IPS
appliances are purpose-built, Layer 2 network security appliances that you can deploy
either at the gateway or the network to block intrusion attempts, denial of service (DoS)
attacks, malicious code, backdoors, spyware, peer-to-peer applications, and a growing list
of threats without requiring extensive network reconfiguration.
Figure 1: Intrusion prevention overview
Figure 1 illustrates how the Proventia Network IPS protects your network. With flexible
deployment options and out-of-the-box functionality, these appliances ensure accurate,
high-performance protection at both the network perimeter and across internal networks
and internal network segments.
Protection features
Proventia intrusion prevention features include proven detection and prevention
technologies, along with the latest security updates. These appliances understand the
logical flow and state of traffic, resulting in unsurpassed protection against network
threats, including trojans, backdoors and worms.
Proventia Network IPS offers the following features to protect your network against
threats:
Dynamic blocking
Proventia Network IPS uses vulnerability-based attack identification to enable an
immediate and reliable blocking response to unwanted traffic while allowing
legitimate traffic to pass unhindered. It employs a deep traffic inspection process that
uses detection-based blocking to stop both known attacks and previously unknown
attacks.
[Figure 1 diagram labels: attack traffic; permitted traffic; HTTP header and payload; "Firewall inspects header, allows web traffic to pass"; "Proventia inspects HTTP packet, protects against attack"; Protected Network]