Stormshield IPS-IDS engine
Our security solution for flagging and blocking cyberattacks
Our security solution for flagging and blocking cyberattacks
Cybercriminals are becoming increasingly secretive in their attempts to hide their attacks and slip under the radar of security solutions. The Stormshield IPS-IDS engine gives you a solution for detecting (IDS, Intrusion Detection System) and preventing (IPS, Intrusion Prevention System) the most sophisticated attacks.
IPS (Intrusion Prevention System) and IDS (Intrusion Detection System) systems monitor network traffic, packets and their contents in real time, and detect abnormal and suspicious activity. When the IDS system will alert, the IPS system will block the cyberattack. This technology provides protection against attacks based on vulnerabilities in network protocols.
Intrusion Prevention System: how does it work? Placed at the edge of the networks they protect, intrusion prevention systems analyse network packets to check protocol compliance and control over commands. In order to block attempted attacks, they then check whether the network packets contain a set of data matching known malware signatures.
What’s the difference between a firewall, an IPS and an IDS? To protect your network, these security solutions work in complementary ways: the firewall acts on traffic by filtering flows according to predefined access rules to network resources; the IDS raises alerts based on suspicious behaviour; and finally, the IPS blocks cyberattacks.
The Stormshield Network Security (SNS) range of firewalls directly incorporates this IPS-IDS engine, providing complete solutions dedicated to protecting your networks.
The Stormshield IPS engine is able to decode the protocols used in communications and provide advanced compliance verification using Deep Packet Inspection (DPI) functionality. This type of IPS solution, known as a “Stateful DPI”, can increase the security level of the operational infrastructure, reducing the extent to which network assets are compromised.
This offers targeted protocol search and signature protection: the Stormshield solution gives you a high-quality intrusion prevention system that ensures the availability and integrity of your systems.
To find out more, watch a series of fun, educational videos to find out everything you need to know about the Stormshield Stateful DPI IPS engine.
Defence systems in the OT: industrial sensors or IPS? What’s the difference between the two? What benefits does IPS offer? Find the answers to these questions and more in our "Stateful DPI in IoT environments” whitepaper.
Stormshield's IPS-IDS system is built into our Stormshield Network Security range of firewall solutions. These firewalls are developed to high levels of market certification, both French and European (Common Criteria, ANSSI certification & qualification, NATO Restricted, EU Restricted and El Centro Criptológico Nacional in Spain, etc.); these third-party evaluation processes pay close attention to security solutions’ IPS engines. These security and sovereignty assurances form the basis of the trust that organisations with the most critical security needs have in us: defence organisations or sensitive sectors, local and national government bodies, financial institutions, etc.
There are at least two different types of IPS, which are not to be confused. Firstly, there is the HIPS (Host-Based Intrusion Prevention System), which monitors activity on workstations. And secondly, there is the NIPS (Network Intrusion Prevention System – as discussed on this page) – which monitors the network.
To explore the first, focusing on endpoint protection, read our whitepaper ”EDR and HIPS: which approach to take to effectively block sophisticated cyberattacks?”.
Stormshield IPS-IDS: questions & answers. Do you have a more technical question about the Stormshield IPS-IDS solution? Would you like a trial version of SNS firewalls? Or a price estimate? If you require any commercial or technical information, please contact our teams.