informa
/
Attacks/Breaches
News

HIPS Swing

The need for mobile security is pushing enterprises toward host intrusion prevention tools

2:10 PM -- Those dang end users. You've tried tying them up and chaining them down, but they still insist on straying from your corporate offices. It would be so much easier to secure their machines if they would just sit still.

Unfortunately, today's workforce is extremely mobile, and as remote and wireless technologies improve, it's becoming even more mobile every day. And that's why traditional intrusion prevention systems that sit behind the corporate firewall just aren't enough anymore.

In our latest edition of Dark Reading Insider, author John Sawyer offers an in-depth look at an emerging problem that could help solve the mobile security problem: host intrusion prevention systems (HIPS).

HIPS, an outgrowth of the old personal firewall, has come a long way in recent months. Today's HIPS products deliver not only traditional firewalling, but antivirus and anti-malware capabilities, content filtering, vulnerability assessment, and a variety of access control and management features. There are at least a dozen different vendors offering HIPS products, and the market is sure to heat up as major players such as Cisco, McAfee, and Symantec ramp up production of products they acquired from smaller vendors.

What makes HIPS any different from its predecessors, the enterprise IPS and the network IPS? Location, location, location. Unlike those other systems, which are primarily designed to protect users at fixed locations, HIPS resides on the client side, in a remote desktop or mobile laptop. It's protecting a single machine wherever it goes, and therefore isn't dependent on proximity to a local IPS. And because it's monitoring for intrusions on a single device, it's less prone to false positives than centralized systems that work for a whole range of users and devices.

Sure, there are issues with emerging HIPS technology. One of them is the level of configuration required for the products, many of which require too much knowledge on the part of the end user. There's also the issue of network access control (NAC), which is designed to handle some of these remote security problems and may conflict with some HIPS features.

But these are issues that are eminently solvable, through greater automation of configuration and improved integration with NAC. In the long term, the benefits of putting the IPS on the host machine will outweigh its drawbacks.

Want to know more about the emerging class of HIPS products? Check out our new report. It offers not only a discussion of the technology, but a comparison of the vendors and products that offer it. If you're thinking about HIPS, this report might just help you find what you're looking for.

And put that bottle of Krazy Glue down. No matter what you do, those users aren't going to stay put.

— Tim Wilson, Site Editor, Dark Reading

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5