Anomaly vs Vulnerability Detection Using Cisco IPS
The Cisco IPS network based intrusion prevention system (NIPS) uses signatures to detect network-based attacks. Signatures can be created in a variety of engines based on the type of network traffic being inspected. Cisco signatures have very flexible configurations. In this blog post, I will discuss the trade-offs between two basic approaches for signature configuration: anomaly detection and vulnerability detection. With Cisco IPS, anomaly detection is a broad approach of detecting malicious network activity. Signatures written to detect broad categories [...]
from Cisco Blog » Security http://ift.tt/1OpQ0dg
from Cisco Blog » Security http://ift.tt/1OpQ0dg